I recently was reading a leaked
email written by Twitter's current CFO, at the time representing Snapchat's investors,
to Snapchat's CEO which dissected Facebook's recent earnings announcements. It's clear
from the mail that Snapchat's investors view Facebook as the benchmark when it comes
to the size of their potential audience as well as revenue. This comparison is what
fuels Snapchat's sky high valuation despite close to zero meaningful revenue.

Native Ads, User Intent and Facebook as the Mobile Unicorn

My day job is building
an advertising platform for advertisers who want to spend as little as $50 a year
to as much as millions a year advertising on Microsoft & Yahoo properties. To
have any chance at being good at building a digital advertising business it is important
to find the sweet spot between what advertisers want and what users want. The most
successful digital advertising platforms that have found this sweet spot in the form
of native ads. My definition of "native ads" are ads which match
both the form of the content of the site/app and user intent when using the product.

Google search ads is the original native ads platform. Search ads don't just match
the look of regular search results but also match the user's intent of finding the
most relevant content given their query. I recently donated my wife's decade old car
to Make-A-Wish foundation after performing a search for "donate
car tax deduction". The ad I got in the search results from Make-A-Wish foundation
was actually the best result for me as a consumer and Make-A-Wish foundation
got a free car for their auctions as a result of their ad spend. The very definition
of win-win.

Facebook has similarly gotten this right. I launch Facebook a couple of times a day
seeking minor entertainment from the tiny bouts of bored that fill the day. Facebook
shows me ads for 4.5 - 5 star rated mobile strategy games and news about super hero
TV shows & movies because I play Clash of Clans and click on all content from Comicbook.com religiously.
As with Google, my needs as a consumer are in perfect harmony with the goals of their
advertisers.

Where Facebook cranks things up to 11 is that they have figured out how to make more
money from mobile users than from desktop users. This is pretty much unheard of in
the digital world where the meme is that offline dollars became digital
dimes on the desktop web and pennies on mobile. When it comes to mobile ad revenue
Facebook is bordering on a mythical creature.

Reddit vs Instagram: A Different Benchmark

Instagram has about 300 million active users and is projected
to make about $700 million this year. One might then assert that $2 a user is
a reasonable target for a social media app that is light on ads. Heck, I honestly
haven't seen an ad on Instagram outside of screenshots in news stories about ads on
Instagram. Reddit is a popular social media site that has about half the users of
Instagram with about 160 million active users. How much do you then think they made
last year? $350 million? $175 million? $100 million? $80 million?

Nope. The answer is $8 million. That's 5 cents a
user.

What Reddit has found out the hard way is that their advertising doesn't fit natively
into their platform.Their ads often don't match the form of the content and when it
does, it doesn't match user intent for what they want out of Reddit. On the other
hand, people go to Instagram to see beautiful photos. Beautiful photos from brands
they've expressed an affinity with via Facebook or Instagram's social graph are the
epitome of a native advertising slam dunk. The results
advertisers have seen speak for themselves.

Is Snapchat like Reddit or like Facebook?

This brings us back to Snapchat. Snapchat's original product is actually quite bad
from an advertising perspective. When you launch it to send messages you start directly
in the camera so no place for ads. Secondly, ads into the user’s inbox of received
messages or as part of message viewing would be extremely disliked by users and isn't
aligned with user intent.

Snapchat has realized this and the majority of their new features have been about
changing user intent around Snapchat. Features like discover & stories (which
has since morphed into Snapchat permanently having programmed content in your story
feed) are about creating consumption experiences that are more aligned with being
good surfaces for delivering ads compared to its original messaging product.

Bottom Line: When I look at Snapchat I see a lot that looks like Reddit when it comes
to their ads business not Facebook. In fact, I think it's more likely one could turn
Reddit's business into a financial powerhouse with proper execution than Snapchat's.

A few years ago, I remember reading about Facebook plan to have auto playing video
ads fro articles like Facebook
Autoplay Ads Won't Be As Bad As You Think (But Everyone Will Still Hate Them) and
thinking that this would be a very jarring experience in their product. However over
the past year or so, the news feed has been pumping a heavy diet of auto playing videos
from my friends to the extent that I’m now used to auto playing videos in the news
feed and honestly can’t distinguish auto playing video ads from auto playing viral
videos posted by my friends at first glance. This is the holy grail that Snapchat
needs to achieve to be worthy of using Facebook as a benchmark for its valuation but
unfortunately they do not have a canvas as malleable as the Facebook news feed or
even the Twitter time line.

Snapchat's valuation is based on a single flawed assumptionhttp://www.25hoursaday.com/weblog/PermaLink,guid,056e4d0d-725a-4907-b018-69dee9f129b5.aspxhttp://www.25hoursaday.com/weblog/2015/04/19/SnapchatsValuationIsBasedOnASingleFlawedAssumption.aspx
Sun, 19 Apr 2015 20:42:27 GMT<p>
I recently was reading a <a title="Twitter CFO Anthony Noto privately analyzes Facebook" href="http://dcurt.is/twitter-cfo-anthony-noto-on-facebook">leaked
email written by Twitter's current CFO</a>, at the time representing Snapchat's investors,
to Snapchat's CEO which dissected Facebook's recent earnings announcements. It's clear
from the mail that Snapchat's investors view Facebook as the benchmark when it comes
to the size of their potential audience as well as revenue. This comparison is what
fuels Snapchat's sky high valuation despite close to zero meaningful revenue.
</p>
<h3>Native Ads, User Intent and Facebook as the Mobile Unicorn
</h3>
<p>
My day job is <a title="Bing Ads: How Bing Ads and Yahoo work for you" href="http://advertise.bingads.microsoft.com/en-us/cl/13827/reachyournextcustomer">building
an advertising platform</a> for advertisers who want to spend as little as $50 a year
to as much as millions a year advertising on Microsoft &amp; Yahoo properties. To
have any chance at being good at building a digital advertising business it is important
to find the sweet spot between what advertisers want and what users want. The most
successful digital advertising platforms that have found this sweet spot in the form
of <em>native ads</em>. My definition of &quot;native ads&quot; are ads which match
both the form of the content of the site/app and user intent when using the product.
</p>
<p>
Google search ads is the original native ads platform. Search ads don't just match
the look of regular search results but also match the user's intent of finding the
most relevant content given their query. I recently donated my wife's decade old car
to Make-A-Wish foundation after performing a search for &quot;<a href="https://www.bing.com/search?q=donate+car+tax+deduction&amp;PC=U316&amp;FORM=CHROMN">donate
car tax deduction</a>&quot;. The ad I got in the search results from Make-A-Wish foundation
was actually the best result for me as a consumer <u>and</u> Make-A-Wish foundation
got a free car for their auctions as a result of their ad spend. The very definition
of win-win.
</p>
<p>
Facebook has similarly gotten this right. I launch Facebook a couple of times a day
seeking minor entertainment from the tiny bouts of bored that fill the day. Facebook
shows me ads for 4.5 - 5 star rated mobile strategy games and news about super hero
TV shows &amp; movies because I play Clash of Clans and click on all content from <a href="http://comicbook.com/">Comicbook.com</a> religiously.
As with Google, my needs as a consumer are in perfect harmony with the goals of their
advertisers.
</p>
<p>
Where Facebook cranks things up to 11 is that they have figured out how to make more
money from mobile users than from desktop users. This is pretty much unheard of in
the digital world where the meme is that offline dollars became <a href="http://www.poynter.org/news/mediawire/190169/ad-age-digital-dimes-are-turning-into-mobile-pennies/">digital
dimes on the desktop web and pennies on mobile</a>. When it comes to mobile ad revenue
Facebook is bordering on a mythical creature.
</p>
<h3>Reddit vs Instagram: A Different Benchmark
</h3>
<p>
Instagram has about 300 million active users and is <a href="http://mashable.com/2015/02/19/instagram-revenue-estimate-2020/">projected
to make about $700 million this year</a>. One might then assert that $2 a user is
a reasonable target for a social media app that is light on ads. Heck, I honestly
haven't seen an ad on Instagram outside of screenshots in news stories about ads on
Instagram. Reddit is a popular social media site that has about half the users of
Instagram with about 160 million active users. How much do you then think they made
last year? $350 million? $175 million? $100 million? $80 million?
</p>
<p>
Nope. The answer is <font color="#ff0000">$8 million</font>. That's <em>5 cents a
user</em>.
</p>
<p>
What Reddit has found out the hard way is that their advertising doesn't fit natively
into their platform.Their ads often don't match the form of the content and when it
does, it doesn't match user intent for what they want out of Reddit. On the other
hand, people go to Instagram to see beautiful photos. Beautiful photos from brands
they've expressed an affinity with via Facebook or Instagram's social graph are the
epitome of a native advertising slam dunk. The <a title="First Look – Measuring the Effectiveness of Brand Advertising Campaigns on Instagram" href="http://blog.business.instagram.com/post/70498340316/first-look-measuring-the-effectiveness-of-brand">results
advertisers have seen</a> speak for themselves.
</p>
<h3>Is Snapchat like Reddit or like Facebook?
</h3>
<p>
This brings us back to Snapchat. Snapchat's original product is actually quite bad
from an advertising perspective. When you launch it to send messages you start directly
in the camera so no place for ads. Secondly, ads into the user’s inbox of received
messages or as part of message viewing would be extremely disliked by users and isn't
aligned with user intent.
</p>
<p>
Snapchat has realized this and the majority of their new features have been about
changing user intent around Snapchat. Features like <a title="Snapchat Blog: Introducing Discover" href="http://blog.snapchat.com/post/109302961090/introducing-discover">discover</a> &amp; <a title="Snapchat Stories Create 24-Hour Narratives With Your Clips" href="http://mashable.com/2013/10/03/snapchat-stories/">stories</a> (which
has since morphed into Snapchat permanently having programmed content in your story
feed) are about creating consumption experiences that are more aligned with being
good surfaces for delivering ads compared to its original messaging product.
</p>
<p>
However from what we can tell Snapchat hasn't cracked the native ad nut and when I
first saw <a title="Snapchat’s Newest Money Maker Is A Sponsored Our Story For Samsung And The AMAs" href="http://techcrunch.com/2014/11/23/snapchat-sponsored-our-story/">their
&quot;sponsored stories&quot; product</a>, it reminded me a lot of <a href="http://www.reddit.com/wiki/selfserve">Reddit's
sponsored stories product</a>. So it wasn't surprising to learn <a title="Snapchat Is No Longer Selling Its Original Ad Unit, Brand Stories" href="http://recode.net/2015/04/13/snapchat-is-no-longer-selling-its-original-ad-unit-brand-stories/">they
cancelled the product last week</a> and <a title="Snapchat Revenue Boss Mike Randall Departs After Seven Months" href="http://recode.net/2015/01/20/snapchat-revenue-boss-mike-randall-departs-after-seven-months/">fired
the guy behind their ads program</a>.
</p>
<p>
Bottom Line: When I look at Snapchat I see a lot that looks like Reddit when it comes
to their ads business not Facebook. In fact, I think it's more likely one could turn
Reddit's business into a financial powerhouse with proper execution than Snapchat's.
</p>
<h3>Facebook: The Digital Ads Chameleon
</h3>
<p>
As a post-script, one other impressive point about Facebook is how malleable their
product is from an ads perspective. At one point in time, the Facebook feed was all
about social games and <a title="Zynga Contributed 15% of Facebook’s Revenue In Q1, Down From 19% A Year Ago" href="http://techcrunch.com/2012/04/23/zynga-made-up-15-of-facebooks-revenue-in-q1-down-from-19-a-year-ago/">they
made a large chunk of their money from getting 30% of Zynga's transactions on their
platform</a>. Over the past year it’s all mobile app install ads but they've already
started the long game to switch to stealing ad dollars from TV &amp; YouTube.
</p>
<p>
A few years ago, I remember reading about Facebook plan to have auto playing video
ads fro articles like <a title="Facebook Autoplay Ads Won&#39;t Be As Bad As You Think (But Everyone Will Still Hate Them)" href="http://www.huffingtonpost.com/2013/05/08/facebook-autoplay-ads_n_3237738.html">Facebook
Autoplay Ads Won't Be As Bad As You Think (But Everyone Will Still Hate Them)</a> and
thinking that this would be a very jarring experience in their product. However over
the past year or so, the news feed has been pumping a heavy diet of auto playing videos
from my friends to the extent that I’m now used to auto playing videos in the news
feed and honestly can’t distinguish auto playing video ads from auto playing viral
videos posted by my friends at first glance. This is the holy grail that Snapchat
needs to achieve to be worthy of using Facebook as a benchmark for its valuation but
unfortunately they do not have a canvas as malleable as the Facebook news feed or
even the Twitter time line.
</p>
<p>
<img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" /> Now
Playing: <a href="http://www.amazon.com/s/ref=nb_sb_noss?url=search-alias%3Daps&amp;field-keywords=mike+will+made+it">Mike
Will Made It</a> – <a href="https://www.youtube.com/watch?v=9aDYCGGNlPM">Buy The World
(feat. Lil Wayne, Future &amp; Kendrick Lamar)</a> <img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" />
</p>
<img width="0" height="0" src="http://www.25hoursaday.com/weblog/aggbug.ashx?id=056e4d0d-725a-4907-b018-69dee9f129b5" />http://www.25hoursaday.com/weblog/CommentView,guid,056e4d0d-725a-4907-b018-69dee9f129b5.aspxCompetitors/Web CompaniesDigital Advertisinghttp://www.25hoursaday.com/weblog/Trackback.aspx?guid=b32f411a-d4d0-42bb-b3a2-3995a95671a6http://www.25hoursaday.com/weblog/pingback.aspxhttp://www.25hoursaday.com/weblog/PermaLink,guid,b32f411a-d4d0-42bb-b3a2-3995a95671a6.aspxDare Obasanjohttp://www.25hoursaday.com/weblog/CommentView,guid,b32f411a-d4d0-42bb-b3a2-3995a95671a6.aspxhttp://www.25hoursaday.com/weblog/SyndicationService.asmx/GetEntryCommentsRss?guid=b32f411a-d4d0-42bb-b3a2-3995a95671a6

Thus it is a valid question for developers as to whether they can trust Twitter this
time? The answer is Yes for a very simple reason. Twitter’s API moves in 2012 and
yesterday’s announcements were borne from the same motives, to grow its primary business
of selling ads tied to their mobile experiences. In 2012, they had to address the
fact that their liberal exposure of their service via their API had created a situation
where a huge slice of their user base were using the app through experiences Twitter
could not effectively monetize.

This brings us to Fabric. All four components aid Twitters core business of selling
ads for mobile experiences.

Twitter Kit increases engagement with Twitter by making it easy for users
to consume and generate tweets from other apps without those apps being a threat to
Twitter by becoming competing experiences.

Digits allows Twitter to build a profile of users based on their phone number
the same way Facebook builds a profile of users based on the apps and websites they
visit that use Facebook Connect.

Crashlytics + MoPub is the Trojan horse with a approach to Flurry
which Yahoo acquired for $200 million. Crashlytics is a incredibly useful component
that is valuable to all mobile apps since they all care about user behavior and crashes.
Once you’re hooked on Crashlytics, it’s easier to upsell you to also using Twitters
ad network and hence $$$.

All of these efforts help Twitter’s core business and it would be insanity for them
to screw developers by abandoning them just as it would have been insanity for them
to pursue an ad-based business model in a world where a huge chunk of their most active
users were using 3rd party apps as their primary Twitter experience.

So go ahead, try out Fabric and judge it on its merits. I’m curious to hear what you
think.

Fabric: Why Developers Can Trust Twitter Won’t Screw Them This Timehttp://www.25hoursaday.com/weblog/PermaLink,guid,b32f411a-d4d0-42bb-b3a2-3995a95671a6.aspxhttp://www.25hoursaday.com/weblog/2014/10/23/FabricWhyDevelopersCanTrustTwitterWontScrewThemThisTime.aspx
Thu, 23 Oct 2014 14:45:09 GMT<p>
Yesterday <a href="https://blog.twitter.com/2014/introducing-fabric">Twitter announced
Fabric</a>, a new mobile SDK for Android and iOS composed of four distinct pieces
</p>
<ul>
<li>
<a href="https://try.crashlytics.com/">Crashlytics</a> – an application analytics
package that gives developers tools to measure how their apps are being used and measure
app quality in the wild (i.e. crashes).
</li>
<li>
<a href="https://dev.twitter.com/twitter-kit">Twitter Kit</a> – an SDK that makes
it add Twitter integration such as signing in with Twitter, embedding tweets or posting
tweets from your app
</li>
<li>
<a href="https://dev.twitter.com/mopub">MoPub Kit</a> – makes it easy to embed ads
from Twitter’s ad network in your app so you can make money
</li>
<li>
<a href="https://www.digits.com/">Digits</a> – makes it easy for any app to build
phone number based sign-in similar to what <a href="http://www.skype.com/en/qik/">Skype
Qik</a> and <a href="http://www.whatsapp.com/">WhatsApp</a> have. This is quite frankly <em>a
game changer</em>.
</li>
</ul>
<p>
The response to this release I’ve seen online have swung between two extremes, <a href="http://blogs.wsj.com/digits/2014/10/22/behind-flight-twitters-bold-attempt-to-make-nice-with-app-makers/">fawning
adoration from the tech press</a> proclaiming that Twitter has moved beyond tweets
into mobile services and <a href="http://www.marco.org/2014/10/20/wsj-twitter-peace-offering">skepticism
from developers </a>who don’t trust Twitter as represented in this tweet below
</p>
<blockquote lang="en" class="twitter-tweet">
<p>
Did Twitter address in any way their platform trust issues today? Innovation in guaranteeing
long term trustworthiness would be fascinating.
</p>
— kellan (@kellan) <a href="https://twitter.com/kellan/status/525079632463552512">October
23, 2014</a></blockquote>
<p>
<script async src="//platform.twitter.com/widgets.js" charset="utf-8"></script>
</p>
<p>
The root of this angst is Twitter’s tumultuous relationship with developers of Twitter
clients which eventually led to their <a href="https://blog.twitter.com/2012/changes-coming-to-twitter-api">infamous
quadrant of death post</a> which effectively limited the growth of any app whose primary
function was to be a replacement Twitter experience. This hurt many developers who
had been working on Twitter reading experiences and in fact led to <a href="http://www.businessinsider.com/flipboard-ceo-mike-mccue-has-left-twitters-board-of-directors-2012-8">the
CEO of Flipboard quitting Twitter’s board in disgust</a>.
</p>
<p>
Thus it is a valid question for developers as to whether they can trust Twitter this
time? The answer is Yes for a very simple reason. Twitter’s API moves in 2012 and
yesterday’s announcements were borne from the same motives, to grow its primary business
of selling ads tied to their mobile experiences. In 2012, they had to address the
fact that their liberal exposure of their service via their API had created a situation
where a huge slice of their user base were using the app through experiences Twitter
could not effectively monetize.&#160;
</p>
<p>
At the height of the 3rd party Twitter app boom <a href="http://techcrunch.com/2011/03/15/report-use-of-third-party-twitter-clients-dwindles-to-42-percent/">almost
half of their users were using official apps (42%)</a> although <a href="https://www.google.com/url?sa=t&amp;rct=j&amp;q=&amp;esrc=s&amp;source=web&amp;cd=4&amp;cad=rja&amp;uact=8&amp;ved=0CDEQFjAD&amp;url=http%3A%2F%2Fwww.theverge.com%2F2012%2F7%2F24%2F3183124%2Ftwitter-third-party-apps-study-benjamin-mayo&amp;ei=nQ9JVNbqI4-1yATIg4HQBQ&amp;usg=AFQjCNHJyBeUr7r-BHMlpb9hOkdth4Ecww&amp;sig2=C9dsUfig5ozC5sbp6PyGZQ">that
percentage dwindled</a> as they stepped up their mobile app efforts and sent the message
to app developers that they no longer wanted people to compete with them on providing
mobile experiences.
</p>
<p>
<img src="http://tctechcrunch2011.files.wordpress.com/2011/03/sysomos-1.png" />&#160;
</p>
<p>
Taking control of the primary user experience for Twitter was the smart business decision
and is why <a href="http://www.businessinsider.com/twitter-q2-earnings-2014-7">they
now&#160; generate over a billion dollars a year as a business</a>.
</p>
<p>
This brings us to Fabric. All four components aid Twitters core business of selling
ads for mobile experiences.
</p>
<ul>
<li>
<em>Twitter Kit</em> increases engagement with Twitter by making it easy for users
to consume and generate tweets from other apps without those apps being a threat to
Twitter by becoming competing experiences.
</li>
<li>
<em>Digits</em> allows Twitter to build a profile of users based on their phone number
the same way Facebook builds a profile of users based on the apps and websites they
visit that use Facebook Connect.
</li>
<li>
<em>Crashlytics</em> + <em>MoPub</em> is the Trojan horse with a approach to <a href="http://techcrunch.com/2014/07/21/yahoo-is-buying-mobile-analytics-firm-flurry-for-north-of-200m/">Flurry
which Yahoo acquired for $200 million</a>. Crashlytics is a incredibly useful component
that is valuable to all mobile apps since they all care about user behavior and crashes.
Once you’re hooked on Crashlytics, it’s easier to upsell you to also using Twitters
ad network and hence $$$.
</li>
</ul>
<p>
All of these efforts help Twitter’s core business and it would be insanity for them
to screw developers by abandoning them just as it would have been insanity for them
to pursue an ad-based business model in a world where a huge chunk of their most active
users were using 3rd party apps as their primary Twitter experience.
</p>
<p>
So go ahead, try out Fabric and judge it on its merits. I’m curious to hear what you
think.
</p>
<p>
<img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" /> Now
Playing: <a href="http://www.amazon.com/Chris-Brown/e/B000AQ4T9M/digital/ref=ntt_mp3_rdr?_encoding=UTF8&amp;sn=d">Chris
Brown</a> – <a href="http://www.amazon.com/Loyal-Explicit/dp/B00MXC1BW4">Loyal (featuring
Lil Wayne and Tyga)</a> <img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" />
</p>
<img width="0" height="0" src="http://www.25hoursaday.com/weblog/aggbug.ashx?id=b32f411a-d4d0-42bb-b3a2-3995a95671a6" />http://www.25hoursaday.com/weblog/CommentView,guid,b32f411a-d4d0-42bb-b3a2-3995a95671a6.aspxPlatformshttp://www.25hoursaday.com/weblog/Trackback.aspx?guid=0c04e659-2dbe-4dd0-b27d-307458415fdahttp://www.25hoursaday.com/weblog/pingback.aspxhttp://www.25hoursaday.com/weblog/PermaLink,guid,0c04e659-2dbe-4dd0-b27d-307458415fda.aspxDare Obasanjohttp://www.25hoursaday.com/weblog/CommentView,guid,0c04e659-2dbe-4dd0-b27d-307458415fda.aspxhttp://www.25hoursaday.com/weblog/SyndicationService.asmx/GetEntryCommentsRss?guid=0c04e659-2dbe-4dd0-b27d-307458415fda

I’ve read a number of articles about account security, passwords and secret questions
this week for obvious
reasons. Although I’ve seen a number of posts directed at end users as to how
to better safeguard their accounts, I haven’t seen anything similar providing guidance
to developers of online services on how to better safeguard their users in what is
a very hostile environment.

Below are the top five (plus a bonus one) account security features that every competent
online service should have implemented. None of these are ground breaking but it is
quite clear that many services that we all use every day don’t implement even these
basic security features thus putting our data at risk.

Strong passwords including banning common passwords: The most basic practice
is requiring that users create a strong
password often by requiring some combination of minimum length, at least one of
upper & lower case character and encouraging the use of punctuation. Although
this is a good first steps there are other steps services need to take to ensure their
users are using hard to guess passwords. One such approach is to take a look at the
common common
choices of user passwords that have been
observed as a result of website hacks.

Analysis of these lists show that people are quite predictable and you often find
"password", "abc123", "letmein" or the name of the website
being used by a sizable percentage of the users on your site. It thus makes sense
to ban users from using any of these fairly common passwords which can then lead to
successful drive-by hacking incidents. For example, a hacker can take the basic approach
of trying to log-in to a bunch of users accounts using "password", "123456"
as their email address and if past history is a judge can end up compromising thousands
of user accounts with just this brain dead tactic.

Throttling failed password attempts: Regardless of how strong a user’s password
is, it is trying to stop a bullet with a wet paper towel against a dedicated brute
force attack if no protections are in place. Password cracking tools like John
the Ripper can crack a strong eight character password in about 15 minutes. This
means to fully protect users, online services should have a limit on how often a user
can fail a password challenge before you put some road blocks in their way. These
road blocks can include exponentially increasing delays after each failed attempt
(wait 1 minute, if failed again then 2 minutes, etc) or requiring the person to solve
a CAPTCHA to prove they are human.

Another thing services should do is look at patterns of failed password attempts to
see if broader prevention strategies are necessary. For example, if you are seeing
hundreds of users failing multiple password attempts from a particular IP range you
may want to block that IP range since given our previous discussion about weak passwords
they probably have successfully hacked some of your accounts.

2-factor authentication: Every online service should give customers the option
to trade convenience (i.e. password only sign in) with more security. Two-factor
authentication is typically the practice of combining something the user knows
(e.g. a password) with something the user has (e.g. their smart phone or biometric
data). Although more inconvenient than just providing a password, it greatly increases
the security for users who may be desirable targets for account hijackings or when
providing a service that holds sensitive data. This is why it is supported by a number
of popular
online service providers including Google, Microsoft and Twitter.

A common practice to improve the usability of 2-factor authentication is to give users
the option to only require it the first time the sign-in from a particular device.
This means that once the user goes through the two step authentication process from
a new computer, you can assume that that device is safe and then only require a password
the next time they sign in from that device.

Choose better secret questions or better yet replace them with proofs: Inevitably,
users will forget the password they use with your service especially if you require
strong passwords and have a policy that is incompatible with their default password
choice (which hopefully isn’t “password1” ).
A common practice, which has now become an Achilles heel of account security, is to
have a set of back up questions that you ask the user if they have forgotten their
password. The problem for account security is that it is often easier to guess the
answers to these questions than it is to hack the user’s password. There is a great
check list for what makes a good secret question at goodsecurityquestions.com with
examples of good, fair and poor security questions.

In general you should avoid security questions because most can be easily guessed
such as what is your favorite color or sports team and for others their answers can
be easily found on Facebook such as where the user went to high school or via social
engineering your friends. A much better approach is to use a similar approach to 2-factor
authentication where a user provides proof of something they have such as their smartphone
(send an SMS) or alternate email account (send an email) to verify that they are who
they say they are.

Show customers their sign-in activity: When all else fails, it is important
to give your customers the tools to figure out for themselves if they have been hacked.
A good way to do this is to let them know of sign-in attempts that have occurred on
their account so they can that either failed or were successful. Google does this
today via its last account
activity feature. You can find this by going to security.google.com and
click Recent activity under “Security” on the left. Microsoft provides this
with its recent
activity feature which you can find by going to https://account.live.com/activity.

Implementing these features isn’t a cure all for account security woes and should
instead be treated as the minimum bar for providing a reasonable level of security
for your users.

5 Account Security Features Every Online Service Should Implement But Doesn'thttp://www.25hoursaday.com/weblog/PermaLink,guid,0c04e659-2dbe-4dd0-b27d-307458415fda.aspxhttp://www.25hoursaday.com/weblog/2014/09/05/5AccountSecurityFeaturesEveryOnlineServiceShouldImplementButDoesnt.aspx
Fri, 05 Sep 2014 13:32:38 GMT<p>
I’ve read a number of articles about account security, passwords and secret questions
this week for <a href="https://www.bing.com/news/search?q=celebgate&amp;FORM=HDRSC6">obvious
reasons</a>. Although I’ve seen a number of posts directed at end users as to how
to better safeguard their accounts, I haven’t seen anything similar providing guidance
to developers of online services on how to better safeguard their users in what is
a very hostile environment.
</p>
<p>
Below are the top five (plus a bonus one) account security features that every competent
online service should have implemented. None of these are ground breaking but it is
quite clear that many services that we all use every day don’t implement even these
basic security features thus putting our data at risk.
</p>
<ol>
<li>
<u>Strong passwords including banning common passwords:</u> The most basic practice
is requiring that users create a <a href="http://en.wikipedia.org/wiki/Password_strength">strong
password</a> often by requiring some combination of minimum length, at least one of
upper &amp; lower case character and encouraging the use of punctuation. Although
this is a good first steps there are other steps services need to take to ensure their
users are using hard to guess passwords. One such approach is to take a look at the
common <a href="http://passwordreset.org/others/most-common-computer-password.html">common
choices</a> of user passwords that have <a href="http://blog.jimmyr.com/Password_analysis_of_databases_that_were_hacked_28_2009.php">been
observed as a result of website hacks</a>.&#160;
<p>
Analysis of these lists show that people are quite predictable and you often find
&quot;password&quot;, &quot;abc123&quot;, &quot;letmein&quot; or the name of the website
being used by a sizable percentage of the users on your site. It thus makes sense
to ban users from using any of these fairly common passwords which can then lead to
successful drive-by hacking incidents. For example, a hacker can take the basic approach
of trying to log-in to a bunch of users accounts using &quot;password&quot;, &quot;123456&quot;
as their email address and if past history is a judge can end up compromising thousands
of user accounts with just this brain dead tactic.
</p>
</li>
<li>
<p>
<u>Throttling failed password attempts:</u> Regardless of how strong a user’s password
is, it is trying to stop a bullet with a wet paper towel against a dedicated <a href="http://en.wikipedia.org/wiki/Password_cracking">brute
force attack</a> if no protections are in place. Password cracking tools like <a href="http://en.wikipedia.org/wiki/John_the_Ripper">John
the Ripper</a> can crack a strong eight character password in about 15 minutes. This
means to fully protect users, online services should have a limit on how often a user
can fail a password challenge before you put some road blocks in their way. These
road blocks can include exponentially increasing delays after each failed attempt
(wait 1 minute, if failed again then 2 minutes, etc) or requiring the person to solve
a CAPTCHA to prove they are human.
</p>
<p>
Another thing services should do is look at patterns of failed password attempts to
see if broader prevention strategies are necessary. For example, if you are seeing
hundreds of users failing multiple password attempts from a particular IP range you
may want to block that IP range since given our previous discussion about weak passwords
they probably have successfully hacked some of your accounts.
</p>
</li>
<li>
<p>
<u>2-factor authentication:</u> Every online service should give customers the option
to trade convenience (i.e. password only sign in) with more security. <a href="http://en.wikipedia.org/wiki/Multi-factor_authentication">Two-factor
authentication</a> is typically the practice of combining something the user knows
(e.g. a password) with something the user has (e.g. their smart phone or biometric
data). Although more inconvenient than just providing a password, it greatly increases
the security for users who may be desirable targets for account hijackings or when
providing a service that holds sensitive data. This is why it is supported by a number
of <a href="https://www.eff.org/deeplinks/2013/05/howto-two-factor-authentication-twitter-and-around-web">popular
online service providers including Google, Microsoft and Twitter</a>.
</p>
<p>
A common practice to improve the usability of 2-factor authentication is to give users
the option to only require it the first time the sign-in from a particular device.
This means that once the user goes through the two step authentication process from
a new computer, you can assume that that device is safe and then only require a password
the next time they sign in from that device.&#160;
</p>
</li>
<li>
<p>
<u>Choose better secret questions or better yet replace them with proofs:</u> Inevitably,
users will forget the password they use with your service especially if you require
strong passwords and have a policy that is incompatible with their default password
choice (which hopefully isn’t “password1” <img class="wlEmoticon wlEmoticon-smile" style="border-top-style: none; border-bottom-style: none; border-right-style: none; border-left-style: none" alt="Smile" src="http://www.25hoursaday.com/weblog/content/binary/Windows-Live-Writer/9dd54e4bf9fb_47BC/wlEmoticon-smile_2.png" />).
A common practice, which has now become an Achilles heel of account security, is to
have a set of back up questions that you ask the user if they have forgotten their
password. The problem for account security is that it is often easier to guess the
answers to these questions than it is to hack the user’s password. There is a great
check list for what makes a good secret question at <a title="http://www.technologyreview.com/news/413505/are-your-secret-questions-too-easily-answered/" href="http://goodsecurityquestions.com/examples">goodsecurityquestions.com</a> with
examples of good, fair and poor security questions.
</p>
<p>
In general you should avoid security questions because most can be easily guessed
such as what is your favorite color or sports team and for others their answers can
be easily found on Facebook such as where the user went to high school or via social
engineering your friends. A much better approach is to use a similar approach to 2-factor
authentication where a user provides proof of something they have such as their smartphone
(send an SMS) or alternate email account (send an email) to verify that they are who
they say they are.
</p>
</li>
<li>
<p>
<u>Show customers their sign-in activity:</u> When all else fails, it is important
to give your customers the tools to figure out for themselves if they have been hacked.
A good way to do this is to let them know of sign-in attempts that have occurred on
their account so they can that either failed or were successful. Google does this
today via its <a href="https://support.google.com/mail/answer/45938?hl=en">last account
activity</a> feature. You can find this by going to <a href="https://security.google.com/">security.google.com</a> and
click <em>Recent activity</em> under “Security” on the left. Microsoft provides this
with its <a title="http://www.microsoft.com/en-us/account/security/recentactivity.aspx" href="http://www.microsoft.com/en-us/account/security/recentactivity.aspx">recent
activity feature</a> which you can find by going to <a href="https://account.live.com/activity">https://account.live.com/activity</a>.
</p>
</li>
</ol>
<p>
Implementing these features isn’t a cure all for account security woes and should
instead be treated as the minimum bar for providing a reasonable level of security
for your users.&#160;
</p>
<p>
&#160;
</p>
<h2>
</h2>
<p>
<img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" /> Now
Playing: <a href="http://www.amazon.com/Beyonce/e/B000APOLQ4">Beyonce</a> – <a href="http://flawless.beyonce.com">Flawless
Remix (featuring Nicki Minaj)</a> <img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" />
</p>
<img width="0" height="0" src="http://www.25hoursaday.com/weblog/aggbug.ashx?id=0c04e659-2dbe-4dd0-b27d-307458415fda" />http://www.25hoursaday.com/weblog/CommentView,guid,0c04e659-2dbe-4dd0-b27d-307458415fda.aspxCloud ComputingProgramminghttp://www.25hoursaday.com/weblog/Trackback.aspx?guid=d0fc90f6-fd9f-4613-95d9-ea0bc95bc2echttp://www.25hoursaday.com/weblog/pingback.aspxhttp://www.25hoursaday.com/weblog/PermaLink,guid,d0fc90f6-fd9f-4613-95d9-ea0bc95bc2ec.aspxDare Obasanjohttp://www.25hoursaday.com/weblog/CommentView,guid,d0fc90f6-fd9f-4613-95d9-ea0bc95bc2ec.aspxhttp://www.25hoursaday.com/weblog/SyndicationService.asmx/GetEntryCommentsRss?guid=d0fc90f6-fd9f-4613-95d9-ea0bc95bc2ec2

It shows how Facebook data scientists tweaked the algorithm that determines which
posts appear on users’ news feeds—specifically, researchers skewed the number of positive
or negative terms seen by randomly selected users. Facebook then analyzed the future
postings of those users over the course of a week to see if people responded with
increased positivity or negativity of their own, thus answering the question of whether
emotional states can be transmitted across a social network. Result: They can! Which
is great news for Facebook data scientists hoping to prove a point about modern psychology.
It’s less great for the people having their emotions secretly manipulated.

The strange thing about the recent uproar is that the focus of the anger seems to
be that Facebook ran the experiment. This is strange if you actually stop and think
about what we actually know as humans.

1. People are influenced by what they see including what they see on social networks
like Facebook. Remember all those, "Facebook
makes you sadder" headlines from a year or two ago? How about the fact that
just yesterday, the MayDay PAC raised $5 million
from almost 50,000 people thanks to viral sharing on social media sites by people
like George
Takei? These are thousands of people being influenced to spend money to change
how their government works based on what they saw in their news feed.

For each of these waves of content dominating our news feeds, some product manager
decided to turn up or turn down the dial of said content based on our “engagement”
with Facebook. There is no outside party vetting these changes nor is there even a
way for such an interested party to even tell what these changes are. It is quite
unprecedented in the history of the world for any entity (company or government) to
control so much of the media that millions of people see daily without any visibility
into its agenda or the content it is feeding to its subjects.

Most people who are still bloviating
on this topic on Techmeme are upset that Facebook “manipulated people’s emotions
without any oversight for an experiment” when the reality is that Facebook manipulates
people’s emotions via tinkering with the news feed to increase their engagement (i.e.
time spent on the site looking at ads) every minute of every hour of every day.

That’s why Sheryl Sandberg gave this shrug as she responded that the major problem
with the experiment is that it
was poorly communicated. She’s right. Facebook does this every day. Manipulating
your behavior by manipulating your news feed is their primary business. If anything,
this experiment should be commended because it implies Facebook had at least at one
point considered the impact of this manipulation on the psychological health of its
users and wanted to understand it better.

Speaking of lack of oversight and transparency, one can’t help but wonder what subtle
dampeners or viral boosts Facebook puts on sharing of content depending on the politics
of the situation. For example, it’s interesting that George Takei posts still garner
hundreds of thousands of likes each time they show up when other
Facebook pages are seeing double digit percentage declines. With other media like
Fox News or the Wall Street Journal, their agenda is understood by all and quite clear.
On the other hand, Facebook editing which content from your friends or brands that
you see, is driven by an unknown agenda while masquerading as serendipitous and organic
content.

Maybe Facebook doesn’t manipulate your feed depending on politics. Maybe it did at
one time then stopped. Maybe they will in the future. We don’t know and if it ever
does happen we won’t even realize it.

So go ahead and freak out about one A/B test in 2012. That totally seems like the
most worrisome thing about Facebook’s power over its users.

Facebook’s Newsfeed Experiment: Most people have grabbed the wrong end of the stickhttp://www.25hoursaday.com/weblog/PermaLink,guid,d0fc90f6-fd9f-4613-95d9-ea0bc95bc2ec.aspxhttp://www.25hoursaday.com/weblog/2014/07/05/FacebooksNewsfeedExperimentMostPeopleHaveGrabbedTheWrongEndOfTheStick.aspx
Sat, 05 Jul 2014 17:35:43 GMT<p>
For the past couple of days, the tech press has been in an uproar from the news initially
published in the AV Club that <a href="http://www.avclub.com/article/facebook-tinkered-users-feeds-massive-psychology-e-206324">Facebook
tinkered with users’ feeds for a massive psychology experiment in 2012</a>. The money
quote from the article is below
</p>
<blockquote>
<p>
<em>It shows how Facebook data scientists tweaked the algorithm that determines which
posts appear on users’ news feeds—specifically, researchers skewed the number of positive
or negative terms seen by randomly selected users. Facebook then analyzed the future
postings of those users over the course of a week to see if people responded with
increased positivity or negativity of their own, thus answering the question of whether
emotional states can be transmitted across a social network. Result: They can! Which
is great news for Facebook data scientists hoping to prove a point about modern psychology.
It’s less great for the people having their emotions secretly manipulated.</em>
</p>
</blockquote>
<p>
The strange thing about the recent uproar is that the focus of the anger seems to
be that Facebook ran the experiment. This is strange if you actually stop and think
about what we actually know as humans.
</p>
<p>
1. People are influenced by what they see including what they see on social networks
like Facebook. Remember all those, <a href="http://www.theverge.com/2013/8/22/4647916/facebook-isnt-making-you-depressed-the-internet-is">&quot;Facebook
makes you sadder&quot; headlines</a> from a year or two ago? How about the fact that
just yesterday, <a href="https://mayday.us/">the MayDay PAC</a> raised $5 million
from almost 50,000 people thanks to viral sharing on social media sites by people
like <a href="http://www.inquisitr.com/1334571/george-takei-urges-massive-fan-base-to-donate-to-mayday-pac/">George
Takei</a>? These are thousands of people being influenced to spend money to change
how their government works based on what they saw in their news feed.
</p>
<p>
2. Facebook controls what you see in your news feed.
</p>
<p>
The second point can’t be emphasized enough. Remember <a href="http://techcrunch.com/2014/04/03/the-filtered-feed-problem/">when
Facebook explicitly spelled out how Edgerank works</a>?
</p>
<p>
<img src="http://i1.wp.com/tctechcrunch2011.files.wordpress.com/2014/04/facebook-news-feed-edgerank-algorithm.jpg?resize=565%2C333" />
</p>
<p>
Over the past few years, Facebook has made hundreds of tweaks to the news feed. Some
we notice and others we don’t. The above image was from an article explaining one
such tweak which caused posts by brands to start showing up much less in the news
feed. Over the past few years Facebook’s news feed tweaks have caused our feeds to
be filled with too much and then over time very few <a href="http://nypost.com/2014/02/24/why-online-quizzes-are-taking-over-your-facebook-feed/">quizzes
and polls</a>, <a href="http://www.forbes.com/sites/tomiogeron/2012/07/31/facebooks-dependence-on-zynga-drops-zyngas-revenue-to-facebook-flat/">Zynga
games like Mafia Wars &amp; Farmville</a>, <a href="http://www.buzzfeed.com/jwherrman/facebook-social-readers-are-all-collapsing">articles
my friends are reading from social readers</a>, <a href="http://www.huffingtonpost.com/2013/03/11/facebook-apps_n_2850893.html">videos
from social video sites like Viddy</a>, <a href="http://mashable.com/2013/10/30/bitstrips-walkthrough/">Bitstrips
comics</a> and of course, <a href="http://knowmore.washingtonpost.com/2014/02/03/why-you-always-see-upworthys-articles-on-facebook/">Upworthy
articles</a> to name a few.
</p>
<p>
For each of these waves of content dominating our news feeds, some product manager
decided to turn up or turn down the dial of said content based on our “engagement”
with Facebook. There is no outside party vetting these changes nor is there even a
way for such an interested party to even tell what these changes are. It is quite
unprecedented in the history of the world for any entity (company or government) to
control so much of the media that millions of people see daily without any visibility
into its agenda or the content it is feeding to its subjects.
</p>
<p>
Most people <a href="http://www.techmeme.com/140705/p3#a140705p3">who are still bloviating
on this topic on Techmeme</a> are upset that Facebook “manipulated people’s emotions
without any oversight for an experiment” when the reality is that Facebook manipulates
people’s emotions via tinkering with the news feed to increase their engagement (i.e.
time spent on the site looking at ads) every minute of every hour of every day.&#160;
</p>
<p>
<img src="http://data1.ibtimes.co.in/en/full/526413/sheryl-sandberg-coo-facebook.jpg" width="300" height="200" />
</p>
<p>
That’s why Sheryl Sandberg gave this shrug as she responded that the major problem
with the experiment is that <a href="http://www.mediabistro.com/prnewser/sheryl-sandberg-shrugs-off-facebooks-latest-scandal_b95152">it
was poorly communicated</a>. She’s right. Facebook does this every day. Manipulating
your behavior by manipulating your news feed is their primary business. If anything,
this experiment should be commended because it implies Facebook had at least at one
point considered the impact of this manipulation on the psychological health of its
users and wanted to understand it better.
</p>
<p>
Speaking of lack of oversight and transparency, one can’t help but wonder what subtle
dampeners or viral boosts Facebook puts on sharing of content depending on the politics
of the situation. For example, it’s interesting that George Takei posts still garner
hundreds of thousands of likes each time they show up when <a href="http://finance.yahoo.com/news/facebook-brand-engagement-plummets-study-165930659.html">other
Facebook pages are seeing double digit percentage declines</a>. With other media like
Fox News or the Wall Street Journal, their agenda is understood by all and quite clear.
On the other hand, Facebook editing which content from your friends or brands that
you see, is driven by an unknown agenda while masquerading as serendipitous and organic
content.
</p>
<p>
Maybe Facebook doesn’t manipulate your feed depending on politics. Maybe it did at
one time then stopped. Maybe they will in the future. We don’t know and if it ever
does happen we won’t even realize it.
</p>
<p>
So go ahead and freak out about one A/B test in 2012. That totally seems like the
most worrisome thing about Facebook’s power over its users.
</p>
<p>
<img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" /> Now
Playing: <a href="http://www.amazon.com/Rick-Ross/e/B00197GPLQ/digital/ref=ntt_mp3_rdr?_encoding=UTF8&amp;sn=d">Rick
Ross</a> – <a href="http://www.amazon.com/Nobody-feat-French-Montana-Explicit/dp/B00IGNXFP0/ref=sr_1_1?s=dmusic&amp;ie=UTF8&amp;qid=1404581702&amp;sr=1-1&amp;keywords=rick+ross+nobody">Nobody
(featuring French Montana)</a> <img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" />
</p>
<img width="0" height="0" src="http://www.25hoursaday.com/weblog/aggbug.ashx?id=d0fc90f6-fd9f-4613-95d9-ea0bc95bc2ec" />http://www.25hoursaday.com/weblog/CommentView,guid,d0fc90f6-fd9f-4613-95d9-ea0bc95bc2ec.aspxSocial Softwarehttp://www.25hoursaday.com/weblog/Trackback.aspx?guid=9394ca1e-321b-4a36-8c91-d6b044790af7http://www.25hoursaday.com/weblog/pingback.aspxhttp://www.25hoursaday.com/weblog/PermaLink,guid,9394ca1e-321b-4a36-8c91-d6b044790af7.aspxDare Obasanjohttp://www.25hoursaday.com/weblog/CommentView,guid,9394ca1e-321b-4a36-8c91-d6b044790af7.aspxhttp://www.25hoursaday.com/weblog/SyndicationService.asmx/GetEntryCommentsRss?guid=9394ca1e-321b-4a36-8c91-d6b044790af73

As I write this the latest version of Skype
for the iPhone has a 2 star rating as does Swarm
by Foursquare. What these apps have in common is that they are both part of bold
attempts to redesign a well-known and popular app which are being rejected by its
core constituency. A consequence of my time working on Windows 8 is that I now obsess
quite a bit about redesigning apps and determining what warning signs indicate that
you are either going to greatly please or strongly offend your best users.

When I worked on Windows 8, there were a number of slogans that the team used to ensure
the principles behind the work we were doing were understood by all. Some of them
such as “content
over chrome” were counterproductive in that slavish devotion to them led to ignoring
decades of usability research by eschewing affordances and hiding navigation/controls
within apps. However there were other principles from the Windows 8 era which I wish
app developers took more to heart such as “win
as one” which encouraged consistency with the overall platform’s UI model &
working with other apps and “change
is bad unless it's great” which encouraged respecting the past and only making
changes that provided a noticeably better user experience.

In addition to these two principles, I’ll add one more for app developer to keep in
mind whenever the time calls for a redesign; “minimize the impacts of loss aversion”.
For those who aren’t familiar with the term, loss
aversion (aka the endowment effect) is the tendency for humans to strongly prefer
avoiding losses to making gains. What this means for developers is that end users
will react more strongly to losing a feature than they would to gaining that same
feature. There are numerous studies that show how absurd humans can be in the face
of loss aversion no matter how minor. My favorite example is how much people overreact
to loss aversion when it comes to grocery shopping as taken from this
blog post by Jon Geeting

There was a law set up last month in D.C. (passed unanimously by city council)
to place a five-cent
tax on paper and plastic bags at grocery stores, pharmacies and other
food-service providers. So, basically, if I went shopping, my total came to $35.20,
and I needed one bag to put it in, my total would then become $35.25. Similarly, if
I needed two bags, my total would become $35.30, and so on — while if I simply bought
reusable bags, I would be subject to no tax.

From what I hear from people in D.C., they absolutely hate it. Even though it’s
just an extra five cents, they want absolutely nothing to do with it. They
really want that nickel. So many people use less bags, bring their own, or just try
to balance everything without one on their trip home. Think about how much
less waste and pollution there is in D.C. now, because of a measly five-cent fee.

On the flip side, if you told people you’d give them 5 cents for each bag they brought
from home they’d laugh in your face. Nobody is going to do an extra bit of work to
be paid five cents even though they would do that work to avoid paying 5 cents. That’s
loss aversion at work.

To recap, if you are redesigning an app you need to keep these three rules in mind

Win as one: Whatever changes you make must feel like a consistent whole both
within the app and with the platform your app resides on. Swarm and Foursquare have
completely different aesthetics and integrate in a fairly disjointed manner often
with no way to easily jump back and forth between both apps. Skype
for iPhone is pretty much a Windows Phone app in look and feel complete with pivot
controls and cut off title text. This is a very jarring experience compared to everything
else on iOS.

Change is bad unless it’s great: App developers need to be honest with themselves
about whether a redesign is about solving a customer problem in a better way or is
part of a corporate strategy. Facebook news feed is an example of a redesign which
was actually driven by a need to solve customer problems which is why although
it met with a massive user revolt at first, once people used it they loved it
and the anger died down. Swarm exists because FourSquare now wants to compete with
Yelp and needs to shed its history as a social check-in app which it sees as baggage
as it evolves into a social discovery engine of things to do in your city. From an
end user perspective, Skype for iPhone’s redesign is about making the app look and
feel like a Microsoft metro-style app. Given these primary goals, it is no surprise
that end users can tell that solving their problems came in second place as they review
these apps.

Minimize the impacts of loss aversion: Coupling a redesign with taking away
features means people will focus on the missing features instead of whatever benefits
you have provided with the redesign. Foursquare took away badges,
mayorships, social feed of your friends check-ins and points as part of the split
that created Swarm. There are a large number of one star reviews of the Swarm app
complaining about these missing features. Skype for iPhone’s initial release took
away deleting & editing messages while making others harder to find. Even features
that are used once in a blue moon seem mission critical once people find out they
are gone. Taking away features will always sting more than the actual value of those
features. Taking multiple features away as part of a redesign means any benefits of
the redesign will be lost in the ensuing outrage about the missing features.

Change is bad unless it’s great: Lessons from user revolts against Foursquare’s Swarm and the new Skype for iPhonehttp://www.25hoursaday.com/weblog/PermaLink,guid,9394ca1e-321b-4a36-8c91-d6b044790af7.aspxhttp://www.25hoursaday.com/weblog/2014/06/23/ChangeIsBadUnlessItsGreatLessonsFromUserRevoltsAgainstFoursquaresSwarmAndTheNewSkypeForIPhone.aspx
Mon, 23 Jun 2014 14:04:11 GMT<p>
As I write this the latest version of <a href="https://itunes.apple.com/us/app/skype/id304878510?mt=8">Skype
for the iPhone</a> has a 2 star rating as does <a href="https://itunes.apple.com/us/app/swarm-by-foursquare/id870161082?mt=8">Swarm
by Foursquare</a>. What these apps have in common is that they are both part of bold
attempts to redesign a well-known and popular app which are being rejected by its
core constituency. A consequence of my time working on Windows 8 is that I now obsess
quite a bit about redesigning apps and determining what warning signs indicate that
you are either going to greatly please or strongly offend your best users.
</p>
<p>
When I worked on Windows 8, there were a number of slogans that the team used to ensure
the principles behind the work we were doing were understood by all. Some of them
such as “<a href="http://ofspaceshipsandboomboxes.wordpress.com/2012/08/26/content-over-chrome/">content
over chrome</a>” were counterproductive in that slavish devotion to them led to ignoring
decades of usability research by eschewing affordances and hiding navigation/controls
within apps. However there were other principles from the Windows 8 era which I wish
app developers took more to heart such as “<a href="http://msdn.microsoft.com/en-us/library/windows/apps/Hh781237.aspx">win
as one</a>” which encouraged consistency with the overall platform’s UI model &amp;
working with other apps and “<a href="http://msdn.microsoft.com/en-us/library/gg886609.aspx">change
is bad unless it's great</a>” which encouraged respecting the past and only making
changes that provided a noticeably better user experience.&#160;
</p>
<p>
In addition to these two principles, I’ll add one more for app developer to keep in
mind whenever the time calls for a redesign; “minimize the impacts of loss aversion”.
For those who aren’t familiar with the term, <a href="http://en.wikipedia.org/wiki/Loss_aversion">loss
aversion (aka the endowment effect)</a> is the tendency for humans to strongly prefer
avoiding losses to making gains. What this means for developers is that end users
will react more strongly to losing a feature than they would to gaining that same
feature. There are numerous studies that show how absurd humans can be in the face
of loss aversion no matter how minor. My favorite example is how much people overreact
to loss aversion when it comes to grocery shopping as taken from <a href="http://www.jongeeting.net/?p=51">this
blog post by Jon Geeting</a>
</p>
<blockquote>
<p>
<em>There was a law set up last month in D.C. (passed unanimously by city council)
to place a </em><a href="http://www.washingtonpost.com/wp-dyn/content/article/2009/06/02/AR2009060201989.html"><em>five-cent
tax</em></a><em> on paper and plastic bags at grocery stores, pharmacies and other
food-service providers. So, basically, if I went shopping, my total came to $35.20,
and I needed one bag to put it in, my total would then become $35.25. Similarly, if
I needed two bags, my total would become $35.30, and so on — while if I simply bought
reusable bags, I would be subject to no tax.</em>
</p>
<p>
<em>From what I hear from people in D.C., they absolutely hate it. Even though it’s
just an extra five cents, they want absolutely nothing to do with it. <font color="#ff0000">They
really want that nickel. So many people use less bags, bring their own, or just try
to balance everything without one on their trip home.</font> Think about how much
less waste and pollution there is in D.C. now, because of a measly five-cent fee.</em>
</p>
</blockquote>
<p>
On the flip side, if you told people you’d give them 5 cents for each bag they brought
from home they’d laugh in your face. Nobody is going to do an extra bit of work to
be paid five cents even though they would do that work to avoid paying 5 cents. That’s
loss aversion at work.
</p>
<p>
To recap, if you are redesigning an app you need to keep these three rules in mind
</p>
<ol>
<li>
<p>
<u>Win as one:</u> Whatever changes you make must feel like a consistent whole both
within the app and with the platform your app resides on. <a href="http://blog.foursquare.com/post/85826325458/swarm-is-ready-for-you-download-it-now">Swarm</a> and <a href="https://www.facebook.com/foursquare/posts/147203988785132">Foursquare</a> have
completely different aesthetics and integrate in a fairly disjointed manner often
with no way to easily jump back and forth between both apps. <a href="https://iphone.skype.com/en-us/">Skype
for iPhone</a> is pretty much a Windows Phone app in look and feel complete with pivot
controls and cut off title text. This is a very jarring experience compared to everything
else on iOS.
</p>
</li>
<li>
<p>
<u>Change is bad unless it’s great:</u> App developers need to be honest with themselves
about whether a redesign is about solving a customer problem in a better way or is
part of a corporate strategy. Facebook news feed is an example of a redesign which
was actually driven by a need to solve customer problems which is why <a href="https://www.facebook.com/notes/facebook/calm-down-breathe-we-hear-you/2208197130">although
it met with a massive user revolt at first</a>, once people used it they loved it
and the anger died down. Swarm exists because FourSquare now wants to compete with
Yelp and needs to shed its history as a social check-in app which it sees as baggage
as it evolves into a social discovery engine of things to do in your city. From an
end user perspective, Skype for iPhone’s redesign is about making the app look and
feel like a Microsoft metro-style app. Given these primary goals, it is no surprise
that end users can tell that solving their problems came in second place as they review
these apps.
</p>
</li>
<li>
<p>
<u>Minimize the impacts of loss aversion:</u> Coupling a redesign with taking away
features means people will focus on the missing features instead of whatever benefits
you have provided with the redesign. Foursquare took away <a href="http://searchenginewatch.com/article/2344325/From-Foursquare-to-Swarm-Mayor-2.0-Insights-Stickers-Goodbye-Badges">badges,
mayorships, social feed of your friends check-ins and points</a> as part of the split
that created Swarm. There are a large number of one star reviews of the Swarm app
complaining about these missing features. Skype for iPhone’s initial release took
away deleting &amp; editing messages while making others harder to find. Even features
that are used once in a blue moon seem mission critical once people find out they
are gone. Taking away features will always sting more than the actual value of those
features. Taking multiple features away as part of a redesign means any benefits of
the redesign will be lost in the ensuing outrage about the missing features.
</p>
</li>
</ol>
<p>
<img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" /> Now
Playing: <a href="http://www.amazon.com/Rick-Ross/e/B00197GPLQ/ref=dp_byline_cont_music_1">Rick
Ross</a> – <a href="http://www.amazon.com/The-Devil-Lie-feat-Explicit/dp/B00HFL50XE/ref=sr_1_cc_1?s=aps&amp;ie=UTF8&amp;qid=1403529131&amp;sr=1-1-catcorr&amp;keywords=devil+is+a+lie">The
Devil is a Lie (featuring Jay-Z)</a> <img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" />
</p>
<img width="0" height="0" src="http://www.25hoursaday.com/weblog/aggbug.ashx?id=9394ca1e-321b-4a36-8c91-d6b044790af7" />http://www.25hoursaday.com/weblog/CommentView,guid,9394ca1e-321b-4a36-8c91-d6b044790af7.aspxSocial SoftwareTechnologyhttp://www.25hoursaday.com/weblog/Trackback.aspx?guid=2d115e67-f5a8-4a98-ad1e-a3f7b6ddae3fhttp://www.25hoursaday.com/weblog/pingback.aspxhttp://www.25hoursaday.com/weblog/PermaLink,guid,2d115e67-f5a8-4a98-ad1e-a3f7b6ddae3f.aspxDare Obasanjohttp://www.25hoursaday.com/weblog/CommentView,guid,2d115e67-f5a8-4a98-ad1e-a3f7b6ddae3f.aspxhttp://www.25hoursaday.com/weblog/SyndicationService.asmx/GetEntryCommentsRss?guid=2d115e67-f5a8-4a98-ad1e-a3f7b6ddae3f1

The most interesting news from Facebook’s F8 last week was the announcement of App
Links. If you are unfamiliar with the announcement, watch the 1 minute video embedded
below which does a great job of setting up the sales pitch. Using App Links, mobile
app developers can put markup in their web pages that indicate how to launch that
page in their application on Android, iOS and Windows Phone. For example, clicking
on a link to a FourSquare check-in from the news feed will launch the FourSquare app
on your phone and will open that specific location or event. .

The interesting question is why is Facebook doing this? It boils down to the fact
that Facebook is an advertising company which makes the
majority of its revenue from those ads asking you to install Candy Crush and Clash
of Clans in your news feed.

Facebook’s pattern at this point is well known. They give you something of value for
free (traffic) and once you get hooked they dial it down until you have to pay. The
world is littered with the ashes of various companies who were once media darlings
because Facebook gave them a bunch of free traffic from liberal news feed algorithms
and then turned off the spigot. Just ask Viddy, all
those social readers, Zynga,
or read that hilarious
break up letter from those guys at Eat24.

Publishers who use app links will likely get a boost in the news feed algorithm likely
under the pretext that they provide a better user experience to consumers. Early success
stories will cause lots of developers to create app links and then get hooked on the
traffic they get from Facebook. Eventually your traffic will start dropping and any
complaints will be met with an
elaborate mathematical formula which explains why your content isn’t that hot
on Facebook anymore. But don’t worry, you can fix all that by buying ads.

It’s obvious, devious and I love it. Especially since it does actually move the user
experience of the mobile web forward even if the end goal is to make Facebook tons
of money.

The other thing I give Facebook props for is holding a mirror up to the major search
engines to see how silly we were being. Bing supports standards for app linking but it's
only for Windows & Windows Phone apps. Google supports the same and again it
only works for Android apps. Facebook is trying to say it doesn’t matter if you
are on the web, Windows Phone, Android or iOS, links in the news feed should open
in the native app on that platform. Google and Bing’s search engines on the other
hand only supported the same when searching on the OSes from their parent companies. #strategytax

Hopefully Facebook’s move will bring more inclusiveness across the board from many
online platform providers not just search engines. For example, I would love it if
email providers also supported app links as well.

Facebook’s App Links: The Good, the Bad and the Uglyhttp://www.25hoursaday.com/weblog/PermaLink,guid,2d115e67-f5a8-4a98-ad1e-a3f7b6ddae3f.aspxhttp://www.25hoursaday.com/weblog/2014/05/05/FacebooksAppLinksTheGoodTheBadAndTheUgly.aspx
Mon, 05 May 2014 14:38:16 GMT<p>
The most interesting news from Facebook’s F8 last week was the announcement of <a href="http://applinks.org/">App
Links</a>. If you are unfamiliar with the announcement, watch the 1 minute video embedded
below which does a great job of setting up the sales pitch. Using App Links, mobile
app developers can put markup in their web pages that indicate how to launch that
page in their application on Android, iOS and Windows Phone. For example, clicking
on a link to a FourSquare check-in from the news feed will launch the FourSquare app
on your phone and will open that specific location or event.&#160; .
</p>
<p>
<iframe height="315" src="//www.youtube.com/embed/tNi4nT031IQ" frameborder="0" width="560" allowfullscreen="allowfullscreen">
</iframe>
</p>
<p>
The interesting question is why is Facebook doing this? It boils down to the fact
that Facebook is an advertising company which makes <a title="Facebook rides mobile ad sales to earnings of $885M" href="http://www.usatoday.com/story/news/usanow/2014/04/23/facebook-quarterly-results-mobile-sales-up/7985307/">the
majority of its revenue</a> from those ads asking you to install Candy Crush and Clash
of Clans in your news feed.
</p>
<p>
Facebook’s pattern at this point is well known. They give you something of value for
free (traffic) and once you get hooked they dial it down until you have to pay. The
world is littered with the ashes of various companies who were once media darlings
because Facebook gave them a bunch of free traffic from liberal news feed algorithms
and then turned off the spigot. Just ask <a title="Facebook App Makers Struggle With How Fickle Facebook Can Be" href="http://www.huffingtonpost.com/2013/03/11/facebook-apps_n_2850893.html">Viddy</a>, <a title="Facebook Social Readers Are All Collapsing" href="http://www.buzzfeed.com/jwherrman/facebook-social-readers-are-all-collapsing">all
those social readers</a>, <a href="http://www.forbes.com/sites/tomiogeron/2012/07/31/facebooks-dependence-on-zynga-drops-zyngas-revenue-to-facebook-flat/">Zynga</a>,
or read that <a href="http://blog.eat24hours.com/breakup-letter-to-facebook-from-eat24/">hilarious
break up letter from those guys at Eat24</a>.
</p>
<p>
Publishers who use app links will likely get a boost in the news feed algorithm likely
under the pretext that they provide a better user experience to consumers. Early success
stories will cause lots of developers to create app links and then get hooked on the
traffic they get from Facebook. Eventually your traffic will start dropping and any
complaints will be met with <a href="http://techcrunch.com/2014/04/03/the-filtered-feed-problem/">an
elaborate mathematical formula</a> which explains why your content isn’t that hot
on Facebook anymore. But don’t worry, you can fix all that by buying ads. <img class="wlEmoticon wlEmoticon-smile" style="border-top-style: none; border-bottom-style: none; border-right-style: none; border-left-style: none" alt="Smile" src="http://www.25hoursaday.com/weblog/content/binary/Windows-Live-Writer/App-Links-Facebooks-Try-Before-You-Buy-f_616A/wlEmoticon-smile_2.png" />&#160;
</p>
<p>
It’s obvious, devious and I love it. Especially since it does actually move the user
experience of the mobile web forward even if the end goal is to make Facebook tons
of money.
</p>
<p>
The other thing I give Facebook props for is holding a mirror up to the major search
engines to see how silly we were being. Bing supports standards for app linking but <a href="http://www.bing.com/dev/en-us/applink#explanation">it's
only for Windows &amp; Windows Phone apps</a>. Google supports the same and again <a href="https://developers.google.com/app-indexing/">it
only works for Android apps</a>. Facebook is trying to say it doesn’t matter if you
are on the web, Windows Phone, Android or iOS, links in the news feed should open
in the native app on that platform. Google and Bing’s search engines on the other
hand only supported the same when searching on the OSes from their parent companies. <a href="http://scripting.com/davenet/2001/04/30/strategyTax.html">#strategytax</a>
</p>
<p>
Hopefully Facebook’s move will bring more inclusiveness across the board from many
online platform providers not just search engines. For example, I would love it if
email providers also supported app links as well.
</p>
<p>
<img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" /> Now
Playing: <a href="http://www.amazon.com/s/ref=ntt_srch_drd_B00HFE9YK6?ie=UTF8&amp;field-keywords=DJ%20Snake%20%26%20Lil%20Jon&amp;index=digital-music&amp;search-type=ss">DJ
Snake &amp; Lil Jon</a> – <a href="http://www.amazon.com/Turn-Down-for-What/dp/B00HFEC192/ref=sr_1_1?ie=UTF8&amp;qid=1399298690&amp;sr=8-1&amp;keywords=dj+snake+lil+jon">Turn
Down For What</a> <img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" />
</p>
<img width="0" height="0" src="http://www.25hoursaday.com/weblog/aggbug.ashx?id=2d115e67-f5a8-4a98-ad1e-a3f7b6ddae3f" />http://www.25hoursaday.com/weblog/CommentView,guid,2d115e67-f5a8-4a98-ad1e-a3f7b6ddae3f.aspxCompetitors/Web Companieshttp://www.25hoursaday.com/weblog/Trackback.aspx?guid=f6e9bf09-80f7-4d14-9f52-f544ab1c65b4http://www.25hoursaday.com/weblog/pingback.aspxhttp://www.25hoursaday.com/weblog/PermaLink,guid,f6e9bf09-80f7-4d14-9f52-f544ab1c65b4.aspxDare Obasanjohttp://www.25hoursaday.com/weblog/CommentView,guid,f6e9bf09-80f7-4d14-9f52-f544ab1c65b4.aspxhttp://www.25hoursaday.com/weblog/SyndicationService.asmx/GetEntryCommentsRss?guid=f6e9bf09-80f7-4d14-9f52-f544ab1c65b42

and talks about what it means for the future of innovation if apps which tend to be
distributed from app stores managed by corporate gate keepers continue to dominate
the web as the primary way people connect on the Internet.

Using HTTP Doesn’t Make Something Part of the Web

In response to Chris Dixon’s post I’ve seen a fallacy repeated a number of times.
The most visible instance of this fallacy is John Gruber’s Rethinking
What We Mean by ‘Mobile Web’ where he writes

I think Dixon has it all wrong. We shouldn’t think of the “web” as only what renders
inside a web browser. The web is HTTP, and the open Internet. What exactly are people
doing with these mobile apps? Largely, using the same services, which, on the desktop,
they use in a web browser.
...
Yes, Apple and Google (and Amazon, and Microsoft) control their respective app
stores. But the difference from Dixon’s AOL analogy is that they don’t control the
internet — and they don’t control each other. Apple doesn’t want cool new apps launching
Android-only, and it surely bothers Google that so many cool new apps launch iOS-first.
Apple’s stance on Bitcoin hasn’t exactly kept Bitcoin from growing explosively. App
Stores are walled gardens, but the apps themselves are just clients to the open web/internet.
...
The rise of mobile apps hasn’t taken anything away from the wide open world of web
browsers and cross-platform HTML/CSS/JavaScript — other than supremacy. I think that
bothers some, who saw the HTML/CSS/JavaScript browser-centric web’s decade-ago supremacy
as the end point, the ultimate triumph of a truly open platform, rather than what
it really was: just another milestone along the way of an industry that is always
in flux, ever ebbing and flowing.

What we’ve gained, though, is a wide range of interaction capabilities that never
could have existed in a web browser-centric world. That to me is cause for celebration.

The key point here is that the World Wide Web and the Internet are different
things. The definition of the web I use comes from Tim
Berners-Lee’s original proposal of a browsable information network of hyperlinked
documents & media on a global network. The necessary building blocks for this
are a way to identify these documents (URIs), the actual content of these documents
(HTML/JS/CSS/media), how clients obtain these documents (HTTP) and the global network
they site on (The Internet).

This difference is important to spell out because although HTTP and the Internet are
key parts of the world wide web, they aren’t the web. One of the key things we lose
with apps is public addressability (i.e. URIs for the technically inclined). What
does this mean in practice

Content from apps is often invisible to search engines like Google and Bing since
their information is not part of the web.

Publishing a website simply requires getting a web host or even just hosting your
own server. Publishing an app means submitting your product to some corporation then
restricting your content and functionality to their rules & regulations before
being made available to end users.

The key loss being that we are regressing from a globally accessible information network
which reaches everyone on earth and where no publisher needs permission to reach billions
of people to lots of corporate controlled fiefdoms and walled gardens.

I don’t disagree with Gruber’s notion that mobile apps have introduced new models
of interaction that would not have existed in a web-browser centric world. However
that doesn’t mean we aren’t losing something along the way.

The mobile web vs apps is another front on the battle between open and closed systemshttp://www.25hoursaday.com/weblog/PermaLink,guid,f6e9bf09-80f7-4d14-9f52-f544ab1c65b4.aspxhttp://www.25hoursaday.com/weblog/2014/04/09/TheMobileWebVsAppsIsAnotherFrontOnTheBattleBetweenOpenAndClosedSystems.aspx
Wed, 09 Apr 2014 14:17:27 GMT<p>
Chris Dixon has a fairly eloquent blog post where he talks about <a href="http://cdixon.org/2014/04/07/the-decline-of-the-mobile-web/">the
decline of the mobile web</a>. He cites the following chart
</p>
<blockquote>
<p>
<img src="http://a16zcdixon.files.wordpress.com/2014/04/apps_dominate_hires-resized-600.png?w=360&amp;h=305" />
</p>
</blockquote>
<p>
and talks about what it means for the future of innovation if apps which tend to be
distributed from app stores managed by corporate gate keepers continue to dominate
the web as the primary way people connect on the Internet.
</p>
<h3>Using HTTP Doesn’t Make Something Part of the Web
</h3>
<p>
In response to Chris Dixon’s post I’ve seen a fallacy repeated a number of times.
The most visible instance of this fallacy is John Gruber’s <a href="http://daringfireball.net/2014/04/rethinking_what_we_mean_by_mobile_web">Rethinking
What We Mean by ‘Mobile Web’</a> where he writes
</p>
<blockquote>
<p>
<em>I think Dixon has it all wrong. We shouldn’t think of the “web” as only what renders
inside a web browser. The web is HTTP, and the open Internet. What exactly are people
doing with these mobile apps? Largely, using the same services, which, on the desktop,
they use in a web browser.</em>
<br />
...
<br />
<em>Yes, Apple and Google (and Amazon, and Microsoft) control their respective app
stores. But the difference from Dixon’s AOL analogy is that they don’t control the
internet — and they don’t control each other. Apple doesn’t want cool new apps launching
Android-only, and it surely bothers Google that so many cool new apps launch iOS-first.
Apple’s stance on Bitcoin hasn’t exactly kept Bitcoin from growing explosively. App
Stores are walled gardens, but the apps themselves are just clients to the open web/internet.
<br />
...
<br />
The rise of mobile apps hasn’t taken anything away from the wide open world of web
browsers and cross-platform HTML/CSS/JavaScript — other than supremacy. I think that
bothers some, who saw the HTML/CSS/JavaScript browser-centric web’s decade-ago supremacy
as the end point, the ultimate triumph of a truly open platform, rather than what
it really was: just another milestone along the way of an industry that is always
in flux, ever ebbing and flowing. </em>
</p>
<p>
<em>What we’ve gained, though, is a wide range of interaction capabilities that never
could have existed in a web browser-centric world. That to me is cause for celebration.</em>
</p>
</blockquote> The key point here is that the World Wide Web and the Internet are different
things. The definition of the web I use comes from <a href="http://www.w3.org/Proposal.html">Tim
Berners-Lee’s original proposal</a> of a browsable information network of hyperlinked
documents &amp; media on a global network. The necessary building blocks for this
are a way to identify these documents (URIs), the actual content of these documents
(HTML/JS/CSS/media), how clients obtain these documents (HTTP) and the global network
they site on (The Internet).
<p>
This difference is important to spell out because although HTTP and the Internet are
key parts of the world wide web, they aren’t the web. One of the key things we lose
with apps is public addressability (i.e. URIs for the technically inclined). What
does this mean in practice
</p>
<ul>
<li>
<p>
Visiting a website is as simple as being told “go to <a href="http://bing.com">http://bing.com</a>”
from any browser on any platform using any device. Getting an app requires the app
developer to have created an app for your platform which may not have occurred due
to <a title="Cover for Android" href="https://www.coverscreen.com">technical limitations</a>, <a href="https://play.google.com/store/apps/details?id=de.schildbach.wallet">policy
limitations of the platform owner</a> or simply <a href="http://techcrunch.com/2014/04/06/the-fallacy-of-android-first/">the
cost of supporting multiple platforms being higher than they want to bear</a>.
</p>
</li>
<li>
<p>
Content from apps is often invisible to search engines like Google and Bing since
their information is not part of the web.
</p>
</li>
<li>
<p>
Publishing a website simply requires getting a web host or even just hosting your
own server. Publishing an app means submitting your product to some corporation then
restricting your content and functionality to their rules &amp; regulations before
being made available to end users.
</p>
</li>
</ul>
<p>
The key loss being that we are regressing from a globally accessible information network
which reaches everyone on earth and where no publisher needs permission to reach billions
of people to lots of corporate controlled fiefdoms and walled gardens.
</p>
<p>
I don’t disagree with Gruber’s notion that mobile apps have introduced new models
of interaction that would not have existed in a web-browser centric world. However
that doesn’t mean we aren’t losing something along the way.
</p>
<p>
<img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" /> Now
Playing: <a href="http://www.amazon.com/The-Heavy/e/B001LI3FXE/ref=sr_ntt_srch_lnk_1?qid=1397049766&amp;sr=8-1">The
Heavy</a> – <a href="http://www.amazon.com/Short-Change-Hero/dp/B004OO3AQO/ref=sr_1_1?ie=UTF8&amp;qid=1397049800&amp;sr=8-1&amp;keywords=short+change+hero">Short
Change Hero</a> <img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" />
</p>
<img width="0" height="0" src="http://www.25hoursaday.com/weblog/aggbug.ashx?id=f6e9bf09-80f7-4d14-9f52-f544ab1c65b4" />http://www.25hoursaday.com/weblog/CommentView,guid,f6e9bf09-80f7-4d14-9f52-f544ab1c65b4.aspxTechnologyWeb Developmenthttp://www.25hoursaday.com/weblog/Trackback.aspx?guid=23a28a79-5400-4ab8-91d9-36d88fa453b5http://www.25hoursaday.com/weblog/pingback.aspxhttp://www.25hoursaday.com/weblog/PermaLink,guid,23a28a79-5400-4ab8-91d9-36d88fa453b5.aspxDare Obasanjohttp://www.25hoursaday.com/weblog/CommentView,guid,23a28a79-5400-4ab8-91d9-36d88fa453b5.aspxhttp://www.25hoursaday.com/weblog/SyndicationService.asmx/GetEntryCommentsRss?guid=23a28a79-5400-4ab8-91d9-36d88fa453b5
This morning I saw the following tweet
from Steven Levy, a Wired reporter who's
written a number of interesting books about software people and the great companies
they've built

I hate it when something I look at on Amazon turns up in a Facebook ad. It doesn't
help me, it creeps me.

As part of my
day job at Microsoft, I've begun to learn more about how advertising across the
internet works on a technical level and it is quite interesting to learn how an image
of a some head phones I looked at an e-commerce site ended up staring back at me from
an ad on Facebook later that day.

The fundamental technology that makes this possible is Facebook
Exchange (FBX). The infographic below provides an overview of how it enables ads
from ecommerce sites to show up on Facebook and I’ll follow that up with a slightly
more technical explanation.

Facebook Exchange is a Real-Time
Bidding platform which enables Facebook to sell ad slots on their page to the
highest bidding advertisers in fractions of a second. Typically advertisers and publishers
who own the pages where ads show up end up working together through an intermediary
called a Demand Side Platform
(DSP). A DSP such as AdRoll provides one
of their retail partners such as American Apparel or Skull Candy with code to
put tracking pixels on their site which allows the user to be identified and context
such as what pages they’ve visited to be recorded. The retail partner then goes into
AdRoll’s interface and decides how much they are willing to pay to show ads on various
networks such as Facebook (via FBX) if a user who has visited one of their pages is
shown an ad.

AdRoll then provides data to Facebook that allows the user to be uniquely identified
within Facebook’s network. Later when that same user goes to Facebook, Facebook puts
out a request on its Ad Exchange saying “Here’s a user who you might be interested
in, how much are you willing to pay to show them an ad?”, AdRoll then cross-references
that user’s opaque identifier with the behavioral data they have (i.e. what pages
they were looking at on an advertiser’s site) and if there is a match they make a
bid which will also include their ad for the page that piqued their interest. If the
retailer wins the auction, then their ad is chosen and either rendered in the news
feed or on the right hand side on Facebook’s desktop website. Each of these pieces
needs to happen in fractions of a second but is still slow enough that rendering ads
tends to noticeably be the slowest part of rendering the webpage.

You can tell if an ad is retargeted on Facebook by hovering with your mouse cursor
on the top right of the ad (on the desktop website) and then selecting the options.
If the “About This Ad” link takes you somewhere outside Facebook then it is a retargeted
ad.

If you found this blog post informative I've
begun a regular series of blog posts intended to answer questions about online
advertising on Microsoft properties such as Bing & MSN and on industry trends.
Hit me up on Twitter with your questions.

How Facebook Knows What You Looked at on Amazonhttp://www.25hoursaday.com/weblog/PermaLink,guid,23a28a79-5400-4ab8-91d9-36d88fa453b5.aspxhttp://www.25hoursaday.com/weblog/2014/02/17/HowFacebookKnowsWhatYouLookedAtOnAmazon.aspx
Mon, 17 Feb 2014 20:44:00 GMTThis morning I saw the following tweet from <a href="http://www.stevenlevy.com/">Steven
Levy</a>, a Wired reporter who's written a number of interesting books about software
people and the great companies they've built <blockquote lang="en" class="twitter-tweet">
<p>
I hate it when something I look at on Amazon turns up in a Facebook ad. It doesn't
help me, it creeps me.
</p>
— Steven Levy (@StevenLevy) <a href="https://twitter.com/StevenLevy/statuses/435424256940191746">February
17, 2014</a></blockquote> <script async src="//platform.twitter.com/widgets.js" charset="utf-8"></script>
<p>
As part of <a href="http://advertise.bingads.microsoft.com/en-us/blogpost/129022/bing-ads-blog/dear-dare-ask-us-your-most-challenging-questions-on-linkedin">my
day job at Microsoft</a>, I've begun to learn more about how advertising across the
internet works on a technical level and it is quite interesting to learn how an image
of a some head phones I looked at an e-commerce site ended up staring back at me from
an ad on Facebook later that day.
</p>
<p>
The fundamental technology that makes this possible is <a href="https://developers.facebook.com/docs/reference/ads-api/rtb/">Facebook
Exchange (FBX)</a>. The infographic below provides an overview of how it enables ads
from ecommerce sites to show up on Facebook and I’ll follow that up with a slightly
more technical explanation.
</p>
<p>
<img src="http://static5.businessinsider.com/image/529e36d769beddc36cdfbb9c-480/bii-fbx-example.jpg" />
</p>
<p>
Source: <a href="http://www.businessinsider.com/explaining-fbx-facebook-exchange-2013-12">Business
Insider</a>
</p>
<p>
Facebook Exchange is a <a href="http://en.wikipedia.org/wiki/Real-time_bidding">Real-Time
Bidding platform</a> which enables Facebook to sell ad slots on their page to the
highest bidding advertisers in fractions of a second. Typically advertisers and publishers
who own the pages where ads show up end up working together through an intermediary
called a <a href="http://en.wikipedia.org/wiki/Demand-side_platform">Demand Side Platform
(DSP)</a>. A DSP such as <a href="https://www.adroll.com">AdRoll</a> provides <a href="https://www.adroll.com/about">one
of their retail partners</a> such as American Apparel or Skull Candy with code to
put tracking pixels on their site which allows the user to be identified and context
such as what pages they’ve visited to be recorded. The retail partner then goes into
AdRoll’s interface and decides how much they are willing to pay to show ads on various
networks such as Facebook (via FBX) if a user who has visited one of their pages is
shown an ad.
</p>
<p>
AdRoll then provides data to Facebook that allows the user to be uniquely identified
within Facebook’s network. Later when that same user goes to Facebook, Facebook puts
out a request on its Ad Exchange saying “Here’s a user who you might be interested
in, how much are you willing to pay to show them an ad?”, AdRoll then cross-references
that user’s opaque identifier with the behavioral data they have (i.e. what pages
they were looking at on an advertiser’s site) and if there is a match they make a
bid which will also include their ad for the page that piqued their interest. If the
retailer wins the auction, then their ad is chosen and either rendered in the news
feed or on the right hand side on Facebook’s desktop website. Each of these pieces
needs to happen in fractions of a second but is still slow enough that rendering ads
tends to noticeably be the slowest part of rendering the webpage.
</p>
<p>
In fact, there was a grand example of retargeting in action while I was researching
this blog post. When I started writing this blog post I checked out <a href="https://www.adroll.com/facebook_exchange">AdRoll’s
web page on how to use their service to retarget ads on Facebook</a>. A few minutes
later, this showed up in my news feed.
</p>
<p>
<img src="http://i.imgur.com/zC0NCjD.png?1?2440" />
</p>
<p>
You can tell if an ad is retargeted on Facebook by hovering with your mouse cursor
on the top right of the ad (on the desktop website) and then selecting the options.
If the “About This Ad” link takes you somewhere outside Facebook then it is a retargeted
ad.
</p>
<p>
<img src="http://i.imgur.com/7dIw8OO.png?1?3163" />
</p>
<p>
Some ad providers like Quantcast <a href="https://www.quantcast.com/fbx-opt-out">provide
an option to opt-out of retargeting</a> for their service while others like AdRoll
link to the <a href="http://www.networkadvertising.org/choices/">Network Advertising
Initiative (NAI) opt –out tool</a> which provides an option to opt-out of retargeting
for a variety of ad providers. Note that this <u>doesn’t</u> prevent you from getting
ads and is instead just a signal to advertisers that you’d rather not have your ads
personalized.
</p>
If you found this blog post informative <a href="http://advertise.bingads.microsoft.com/en-us/blogpost/129022/bing-ads-blog/dear-dare-ask-us-your-most-challenging-questions-on-linkedin">I've
begun a regular series of blog posts</a> intended to answer questions about online
advertising on Microsoft properties such as Bing &amp; MSN and on industry trends.
Hit me up on Twitter with your questions.
<p>
<img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" /> Now
Playing: <a href="http://www.amazon.com/Ice-Cube/e/B000AQ3K88/ref=sr_1_1_acs_ent_artist?qid=1392656449&amp;sr=8-1-acs">Ice
Cube</a> – <a href="http://www.amazon.com/Hood-Mentality-Explicit/dp/B001DQB2HK/ref=sr_1_1?ie=UTF8&amp;qid=1392656529&amp;sr=8-1&amp;keywords=hood+mentality+ice+cube">Hood
Mentality</a> <img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" />
</p>
<img width="0" height="0" src="http://www.25hoursaday.com/weblog/aggbug.ashx?id=23a28a79-5400-4ab8-91d9-36d88fa453b5" />http://www.25hoursaday.com/weblog/CommentView,guid,23a28a79-5400-4ab8-91d9-36d88fa453b5.aspxTechnologyhttp://www.25hoursaday.com/weblog/Trackback.aspx?guid=e9e8aef0-d46f-4c30-a0cc-7bb3f7162b3chttp://www.25hoursaday.com/weblog/pingback.aspxhttp://www.25hoursaday.com/weblog/PermaLink,guid,e9e8aef0-d46f-4c30-a0cc-7bb3f7162b3c.aspxDare Obasanjohttp://www.25hoursaday.com/weblog/CommentView,guid,e9e8aef0-d46f-4c30-a0cc-7bb3f7162b3c.aspxhttp://www.25hoursaday.com/weblog/SyndicationService.asmx/GetEntryCommentsRss?guid=e9e8aef0-d46f-4c30-a0cc-7bb3f7162b3c3

Up until a few months ago, the term DevOps was simply another buzzword
which filled my Twitter feed that evoked a particular idea but wasn’t really concrete
to me. Similar to other buzzwords related to software development such as NoSQL and
Agile, it is hard to pin down what the definitive definition of the term is just what
it wasn’t. If you aren’t familiar with DevOps, a simple definition is that the goal
of DevOps is to address this common problem when building online services

All of these trends already applied to our organization before we made the big switch
to merge the three engineering disciplines into a DevOps role. We’d already embraced
the Agile development model complete
with two to four week sprints, daily scrums, burn-down charts, and senior program
managers playing the role of the product owner (although we use the term scenario
owner). Given our market position as the underdog to Google in search and advertising,
our business leaders always wants to ship more
features, more quickly while maintaining high product quality. In addition, there’s
a ton of peer pressure for all of us at Microsoft to leverage internal tools Windows
Azure and Autopilot for
as much of our cloud services needs as possible instead of rolling our own data centers
and hardware configurations.

Technically our organization was already committed to DevOps practices before we made
the transition that eliminated roles. However the what the organization realized is
that a bigger change to the culture was needed for us to get the most value out of
these practices. The challenge we faced is that the organizational structure of separate
roles for developers, testers and operations tends to create these walls where one
role feels their responsibility is for a certain part of the development cycle and
then tosses the results of their efforts down stream to the next set of folks in the
delivery pipeline. Developers tended to think their job was to write code and quality
was the role of testers. Testers felt their role was to create test frameworks and
find bugs then deployment was the role of the operations team. The operations team
tended to think their role was keeping the live site running without the ability to
significantly change how the product was built. No matter how open and collaborative
the people are on your team, these strictly defined roles create these walls. My favorite
analogy for this situation is like comparing two families who are on a diet trying
to lose weight and one of them has fruit, veggies and healthy snacks in the pantry
while the other has pop tarts, potato chips, chocolate and ice cream in theirs. No
matter how much will power the latter family has, they are more likely to “cheat”
on their diet than the first family because they have created an environment that
makes it harder for them to do the right thing.

Benefits

The benefits of fully embracing DevOps are fairly self-evident so I won’t spend time
on discussing the obvious benefits that have been beaten to death elsewhere. I will
talk about the benefits I’ve seen in our specific case of merging the 3 previous engineering
roles into a single one. The most significant change is the cultural change towards
how we view automation of every step related to deployment and monitoring. It turns
out that there is a big difference when approaching a problem from the perspective
of taking away people’s jobs (i.e. automating what the operations team does) versus
making your team more effective (i.e. reducing the amount of time the engineering
team spends on operational tasks that can be automated thus giving us more time to
work on features that move the business forward). This has probably the biggest surprise,
although obvious in hindsight, as well as the biggest benefit.

We’ve also begun to see faster time to resolve issues from build breaks to features
failing in production due to fact that the on-call person (we call them Directly Responsible
Individuals or DRIs) is now a full member of the engineering team who is expected
to be capable of debugging and fixing issues encountered as part of being on-call.
This is an improvement from prior models where the operations team were the primary
folks on-call and would tend to pull in the development team as a last resort outside
of business hours.

As a program manager (or product manager if you’re a Silicon Valley company), I find
it has made my job easier since I have fewer people to talk to because we’ve consolidated
engineering managers. No longer having to talk to an development manager separately
from the manager of systems engineers separately from a test manager has made communication
far more efficient for me.

Challenges

There are a number of risks with any organization taking the steps that we have at
Bing Ads. The biggest risk is definitely attrition especially at a company like Microsoft
where these well-defined roles have been a part of the culture for decades and are
still part & parcel of how the majority of the company does business. A number
of people may feel that this is a bait and switch on their career plans with the new
job definitions not aligning with how they saw their roles evolving over time. Others
may not mind that as much but may simply feel that their skills may not be as valuable
in the new world especially as they now need to learn a set of new skills. I’ve had
one simple argument when I’ve met people with this mindset. The first is that DevOps
is here to stay. The industry trends that have had more and more companies from Facebook
and Amazon to Etsy and Netflix blurring the lines between developers, test engineers
and operations staff will not go away. Companies aren’t going to want to start shipping
less frequently nor will they want to bring back manual deployment processes instead
of automating as much as possible. The skills you learn in a DevOps culture will make
you more broadly valuable wherever they find their next role whether it is a traditional
specialized engineering structure or in a DevOps based organization.

Other places where we’re still figuring things out are best practices around ownership
of testing. We currently try to follow a “you build it, you test it, you deploy it”
culture as much as possible although allowing any dev to deploy code has turned out
to be bit more challenging than we expected since we had to ensure we do not run afoul
of the structures we had in place to stay compliant with various
regulations. Testing your own code is one of topics where many
in the industry have come out against as being
generally a bad idea. I remember arguments from my college classes from software
engineering professors about the blind spots developers have about their software
requiring the need for dedicated teams to do testing. We do have mitigations in place
such as test plan reviews and code reviews to ensure there are alternate pairs of
eyes looking at the problem space not just the developer who created the functionality.
There is also the school of thought that since the person who wrote the code will
likely be the person woken up in the middle of the night if it goes haywire at an
inopportune moment, there is a sense of self preservation that will cause more diligence
to be applied to the problem than was the case in the previous eras of boxed software
which is when most of the anti-developer testing arguments were made.

My Experiences with DevOps while Working in Bing Adshttp://www.25hoursaday.com/weblog/PermaLink,guid,e9e8aef0-d46f-4c30-a0cc-7bb3f7162b3c.aspxhttp://www.25hoursaday.com/weblog/2014/01/20/MyExperiencesWithDevOpsWhileWorkingInBingAds.aspx
Mon, 20 Jan 2014 15:53:50 GMT<p>
Up until a few months ago, the term <code>DevOps</code> was simply another buzzword
which filled my Twitter feed that evoked a particular idea but wasn’t really concrete
to me. Similar to other buzzwords related to software development such as NoSQL and
Agile, it is hard to pin down what the definitive definition of the term is just what
it wasn’t. If you aren’t familiar with DevOps, a simple definition is that the goal
of DevOps is to address this common problem when building online services
</p>
<p>
<img src="http://dev2ops.org/wp-content/uploads/2010/02/WallOfConfusion_Release.png" />
</p>
<h3>The Big Switch
</h3>
<p>
A couple of months ago, my work group took what many would consider a rather extreme
step in eliminating this wall between developers and operations. Specifically, <a href="http://advertise.bingads.microsoft.com/en-us/home">Bing
Ads</a> transitioned away from the traditional Microsoft engineering model of having <a href="http://www.microsoft.com/en-in/msidc/career/sde.aspx">software
design engineers</a> (aka developers), <a href="http://www.microsoft.com/en-in/msidc/career/sdet.aspx">software
design engineers in test</a> (testers) and <a href="http://careers.microsoft.com/careers/en/gbl/professions.aspx#it">service
operations</a> (ops) and merged all of these roles into a single engineering role.
As it states in <a href="http://en.wikipedia.org/wiki/DevOps">the Wikipedia entry
for DevOps</a>, the adoption of DevOps was driven by the following trends
</p>
<ol>
<li>
Use of agile and other development processes and methodologies
</li>
<li>
Demand for an increased rate of production releases from application and business
unit stakeholders
</li>
<li>
Wide availability of virtualized and cloud infrastructure from internal and external
providers
</li>
<li>
Increased usage of data center automation and configuration management tools
</li>
</ol>
<p>
All of these trends already applied to our organization before we made the big switch
to merge the three engineering disciplines into a DevOps role. We’d already embraced
the <a href="http://en.wikipedia.org/wiki/Scrum_(development)">Agile development model</a> complete
with two to four week sprints, daily scrums, burn-down charts, and senior program
managers playing the role of the product owner (although we use the term scenario
owner). Given our market position as the underdog to Google in search and advertising,
our business leaders always wants to ship <a title="Search Engine Watch: Big Bing Ads 2013 Recap" href="http://searchenginewatch.com/article/2287605/Big-Bing-Ads-2013-Recap">more
features, more quickly</a> while maintaining high product quality. In addition, there’s
a ton of peer pressure for all of us at Microsoft to leverage internal tools <a href="http://www.windowsazure.com/en-us/">Windows
Azure</a> and <a href="http://research.microsoft.com/apps/pubs/default.aspx?id=64604">Autopilot</a> for
as much of our cloud services needs as possible instead of rolling our own data centers
and hardware configurations.
</p>
<p>
Technically our organization was already committed to DevOps practices before we made
the transition that eliminated roles. However the what the organization realized is
that a bigger change to the culture was needed for us to get the most value out of
these practices. The challenge we faced is that the organizational structure of separate
roles for developers, testers and operations tends to create these walls where one
role feels their responsibility is for a certain part of the development cycle and
then tosses the results of their efforts down stream to the next set of folks in the
delivery pipeline. Developers tended to think their job was to write code and quality
was the role of testers. Testers felt their role was to create test frameworks and
find bugs then deployment was the role of the operations team. The operations team
tended to think their role was keeping the live site running without the ability to
significantly change how the product was built. No matter how open and collaborative
the people are on your team, these strictly defined roles create these walls. My favorite
analogy for this situation is like comparing two families who are on a diet trying
to lose weight and one of them has fruit, veggies and healthy snacks in the pantry
while the other has pop tarts, potato chips, chocolate and ice cream in theirs. No
matter how much will power the latter family has, they are more likely to “cheat”
on their diet than the first family because they have created an environment that
makes it harder for them to do the right thing.
</p>
<h3>Benefits
</h3>
<p>
The benefits of fully embracing DevOps are fairly self-evident so I won’t spend time
on discussing the obvious benefits that have been beaten to death elsewhere. I will
talk about the benefits I’ve seen in our specific case of merging the 3 previous engineering
roles into a single one. The most significant change is the cultural change towards
how we view automation of every step related to deployment and monitoring. It turns
out that there is a big difference when approaching a problem from the perspective
of taking away people’s jobs (i.e. automating what the operations team does) versus
making your team more effective (i.e. reducing the amount of time the engineering
team spends on operational tasks that can be automated thus giving us more time to
work on features that move the business forward). This has probably the biggest surprise,
although obvious in hindsight, as well as the biggest benefit.
</p>
<p>
We’ve also begun to see faster time to resolve issues from build breaks to features
failing in production due to fact that the on-call person (we call them Directly Responsible
Individuals or DRIs) is now a full member of the engineering team who is expected
to be capable of debugging and fixing issues encountered as part of being on-call.
This is an improvement from prior models where the operations team were the primary
folks on-call and would tend to pull in the development team as a last resort outside
of business hours.&#160;&#160;
</p>
<p>
As a program manager (or product manager if you’re a Silicon Valley company), I find
it has made my job easier since I have fewer people to talk to because we’ve consolidated
engineering managers. No longer having to talk to an development manager separately
from the manager of systems engineers separately from a test manager has made communication
far more efficient for me.
</p>
<h3>Challenges
</h3>
<p>
There are a number of risks with any organization taking the steps that we have at
Bing Ads. The biggest risk is definitely attrition especially at a company like Microsoft
where these well-defined roles have been a part of the culture for decades and are
still part &amp; parcel of how the majority of the company does business. A number
of people may feel that this is a bait and switch on their career plans with the new
job definitions not aligning with how they saw their roles evolving over time. Others
may not mind that as much but may simply feel that their skills may not be as valuable
in the new world especially as they now need to learn a set of new skills. I’ve had
one simple argument when I’ve met people with this mindset. The first is that DevOps
is here to stay. The industry trends that have had more and more companies from Facebook
and Amazon to Etsy and Netflix blurring the lines between developers, test engineers
and operations staff will not go away. Companies aren’t going to want to start shipping
less frequently nor will they want to bring back manual deployment processes instead
of automating as much as possible. The skills you learn in a DevOps culture will make
you more broadly valuable wherever they find their next role whether it is a traditional
specialized engineering structure or in a DevOps based organization.
</p>
<p>
Other places where we’re still figuring things out are best practices around ownership
of testing. We currently try to follow a “you build it, you test it, you deploy it”
culture as much as possible although allowing any dev to deploy code has turned out
to be bit more challenging than we expected since we had to ensure we do not run afoul
of the structures we had in place to stay compliant with <a href="http://en.wikipedia.org/wiki/Information_technology_controls#IT_controls_and_the_Sarbanes-Oxley_Act_.28SOX.29">various
regulations</a>. Testing your own code is one of topics where <a href="http://thecodist.com/article/programmers_should_not_test_their_own_code">many
in the industry</a> have come out against as <a href="http://www.developerfusion.com/column/8314/creating-a-culture-of-quality-part-1/">being
generally a bad idea</a>. I remember arguments from my college classes from software
engineering professors about the blind spots developers have about their software
requiring the need for dedicated teams to do testing. We do have mitigations in place
such as test plan reviews and code reviews to ensure there are alternate pairs of
eyes looking at the problem space not just the developer who created the functionality.
There is also the school of thought that since the person who wrote the code will
likely be the person woken up in the middle of the night if it goes haywire at an
inopportune moment, there is a sense of self preservation that will cause more diligence
to be applied to the problem than was the case in the previous eras of boxed software
which is when most of the anti-developer testing arguments were made.
</p>
<h3>Further Reading
</h3>
<ul>
<li>
<p>
<a href="http://en.wikipedia.org/wiki/DevOps">DevOps on Wikipedia</a>
</p>
</li>
<li>
<p>
<a href="http://dev2ops.org/2010/02/what-is-devops/">What is DevOps?</a> by Damon
Edwards
</p>
</li>
<li>
<p>
<a href="http://devops.com/2012/11/08/release-engineering-at-facebook/">Release Engineering
at Facebook</a> based on a talk by Chuck Rossi
</p>
</li>
<li>
<p>
<a href="http://perfcap.blogspot.com/2012/03/ops-devops-and-noops-at-netflix.html">Ops,
DevOps and PaaS (NoOps) at Netflix</a> by Adrian Cockcroft
</p>
</li>
</ul>
<p>
&#160;
</p>
<p>
<img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" /> Now
Playing: <a href="http://www.amazon.com/Eminem/e/B000APFS8Y/ref=sr_ntt_srch_lnk_3?qid=1390182052&amp;sr=8-3">Eminem</a> – <a href="http://www.amazon.com/s/ref=nb_sb_noss?url=search-alias%3Daps&amp;field-keywords=rap+god">Rap
God</a> <img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" />
</p>
<img width="0" height="0" src="http://www.25hoursaday.com/weblog/aggbug.ashx?id=e9e8aef0-d46f-4c30-a0cc-7bb3f7162b3c" />http://www.25hoursaday.com/weblog/CommentView,guid,e9e8aef0-d46f-4c30-a0cc-7bb3f7162b3c.aspxLife in the B0rg CubeProgramminghttp://www.25hoursaday.com/weblog/Trackback.aspx?guid=4444f413-4be4-4251-870d-18702a7f25dehttp://www.25hoursaday.com/weblog/pingback.aspxhttp://www.25hoursaday.com/weblog/PermaLink,guid,4444f413-4be4-4251-870d-18702a7f25de.aspxDare Obasanjohttp://www.25hoursaday.com/weblog/CommentView,guid,4444f413-4be4-4251-870d-18702a7f25de.aspxhttp://www.25hoursaday.com/weblog/SyndicationService.asmx/GetEntryCommentsRss?guid=4444f413-4be4-4251-870d-18702a7f25de2

Earlier this week my Twitter feed was flooded with reactions to the announcement of Amazon
Prime Air. A vision which is compelling and sounds like something from a science
fiction novel.

Amazon's Robotic Vision

A few have been skeptical of Amazon Prime Air and some such as Konstantin
Kakaes at Wired have described
the announcement as an hour long infomercial hosted by Charlie Rose that is full
of hot air. There are definitely a lot of things that need to get better before drone-based
package delivery is a reality. On the technology end there are challenges such as
improving navigation software and the getting more efficiency out of battery power.
On the regulatory end the rules and regulations needed to ensure the safety of the
populace in the midst of these flying drones still needs to be figured out.

Unlike a number of the skeptics, I'm quite confident that a number of the technological
and regulatory hurdles will be surmounted in the next 5 years. On the other hand,
I also believe Amazon oversold the technology. The logistics of actually delivering
a package to a customer has been glossed over quite a bit. If you look at the video,
this is the optimal situation for delivering a package.

Now think about all the places in urban environments that don't meet this criteria;
apartment complexes, condos, office building, etc. Then think about all the places
where packages are best left on the doorstep close to the house which would be infeasible
for a drone to land close to. In fact it's likely the 30 minute delivery claim is
meant to address some logistics challenges by assuming you'll be there to pick up
anything the drone drops off on your lawn or driveway before Johnny Sticky Fingers
does.

My suspicion is that the true impactful usage of Amazon Prime Air will be 30 minute
delivery drone delivery to Amazon Locker locations.

“I have a history of making my hobbies into a career,” Mr. Rubin said in a telephone
interview. “This is the world’s greatest job. Being an engineer and a tinkerer, you
start thinking about what you would want to build for yourself.”

He used the example of a windshield wiper that has enough “intelligence” to operate
when it rains, without human intervention, as a model for the kind of systems he is
trying to create. That is consistent with a vision put forward by the Google co-founder
Larry Page, who has argued that technology should be deployed wherever possible to
free humans from drudgery and repetitive tasks.

To spell it out, Google’s efforts in automation under project X have been about augmenting
the human experience in ways that eliminate repetitive tasks which humans are poor
at such as driving where human error is a significant cause of the over
30,000 deaths a year in the US due to automobile accidents. Even this somewhat
frivolous example of ringing the doorbell at Andy Rubin’s home taken from a
2007 profile of the Android founder is consistent with that vision

If the scanner recognizes you, the door unlocks automatically. (The system makes
it easier to deal with former girlfriends, Mr. Rubin likes to joke. No messy scenes
retrieving keys — it’s just a simple database update.)

Those forced to use the doorbell are greeted with another technological marvel:
a robotic arm inside the glass foyer grips a mallet and then strikes a large gong.
Although Mr. Rubin won’t reveal its cost, it may be one of the world’s most expensive
doorbells.

At the end of the day, I’m more inspired by a company looking at automating away all
of the tediousness of every day life with Star Trek style technology from automated
doorways and self-driving cars to fully autonomous robots than a vision of making
impulse buying at Walmart 2.0 Amazon more convenient. I for one welcome
our new robotic overlords.

Why Google's Vision of a Robotic Future Trumps Amazon'shttp://www.25hoursaday.com/weblog/PermaLink,guid,4444f413-4be4-4251-870d-18702a7f25de.aspxhttp://www.25hoursaday.com/weblog/2013/12/04/WhyGooglesVisionOfARoboticFutureTrumpsAmazons.aspx
Wed, 04 Dec 2013 17:21:54 GMT<p>
Earlier this week my Twitter feed was flooded with reactions to the announcement of <a href="http://amzn.to/PrimeAir">Amazon
Prime Air</a>. A vision which is compelling and sounds like something from a science
fiction novel.
</p>
<iframe height="315" src="//www.youtube.com/embed/98BIu9dpwHU" frameborder="0" width="560" allowfullscreen="allowfullscreen">
</iframe>
<h3>&#160;
</h3>
<p>
Flying robots delivering your impulse buys ordered from you smartphone within 30 minutes?
Sign me up.&#160;
</p>
<h3>Amazon's Robotic Vision
</h3>
<p>
A few have been skeptical of Amazon Prime Air and some such as <a href="http://www.slate.com/authors.konstantin_kakaes.html">Konstantin
Kakaes</a> at Wired have <a href="http://www.slate.com/blogs/future_tense/2013/12/02/amazon_prime_drone_delivery_service_jeff_bezos_plan_is_full_of_hot_air.html">described
the announcement as an hour long infomercial hosted by Charlie Rose</a> that is full
of hot air. There are definitely a lot of things that need to get better before drone-based
package delivery is a reality. On the technology end there are challenges such as
improving navigation software and the getting more efficiency out of battery power.
On the regulatory end the rules and regulations needed to ensure the safety of the
populace in the midst of these flying drones still needs to be figured out.
</p>
<p>
Unlike a number of the skeptics, I'm quite confident that a number of the technological
and regulatory hurdles will be surmounted in the next 5 years. On the other hand,
I also believe Amazon oversold the technology. The logistics of actually delivering
a package to a customer has been glossed over quite a bit. If you look at the video,
this is the optimal situation for delivering a package.
</p>
<p>
<img src="http://theguycornernyc.files.wordpress.com/2013/12/amazon-prime-air.jpg" />
</p>
<p>
Now think about all the places in urban environments that don't meet this criteria;
apartment complexes, condos, office building, etc. Then think about all the places
where packages are best left on the doorstep close to the house which would be infeasible
for a drone to land close to. In fact it's likely the 30 minute delivery claim is
meant to address some logistics challenges by assuming you'll be there to pick up
anything the drone drops off on your lawn or driveway before Johnny Sticky Fingers
does.
</p>
<p>
My suspicion is that the true impactful usage of Amazon Prime Air will be 30 minute
delivery drone delivery to <a href="http://www.amazon.com/locker">Amazon Locker locations</a>.
</p>
<h3>Google's Robotic Vision
</h3>
<p>
This morning my Twitter feed is abuzz with the news that Google's Andy Rubin, creator
of Android and <a href="http://www.nytimes.com/2007/11/04/technology/04google.html?_r=4&amp;pagewanted=1&amp;hp&amp;">longtime
robotics enthusiast</a>, <a href="http://spectrum.ieee.org/automaton/robotics/industrial-robots/google-acquisition-seven-robotics-companies">has
acquired seven robotics companies that are creating technologies to build a mobile
dexterous robot</a>. This effort will be part of <a href="http://en.m.wikipedia.org/wiki/Google_X_Lab">Google
X</a> which is also the home of <a href="http://www.google.com/glass/start/">Google
Glass</a> &amp; <a href="http://en.wikipedia.org/wiki/Google_driverless_car">self-driving
cars</a>. Andy Rubin describes the effort as follows
</p>
<blockquote>
<p>
<em>“I have a history of making my hobbies into a career,” Mr. Rubin said in a telephone
interview. “This is the world’s greatest job. Being an engineer and a tinkerer, you
start thinking about what you would want to build for yourself.”</em>
</p>
<p>
<em>He used the example of a windshield wiper that has enough “intelligence” to operate
when it rains, without human intervention, as a model for the kind of systems he is
trying to create. That is consistent with a vision put forward by the Google co-founder
Larry Page, who has argued that technology should be deployed wherever possible to
free humans from drudgery and repetitive tasks.</em>
</p>
</blockquote>
<p>
To spell it out, Google’s efforts in automation under project X have been about augmenting
the human experience in ways that eliminate repetitive tasks which humans are poor
at such as driving where human error is a significant cause of the <a href="http://en.wikipedia.org/wiki/List_of_motor_vehicle_deaths_in_U.S._by_year">over
30,000 deaths a year in the US</a> due to automobile accidents. Even this somewhat
frivolous example of ringing the doorbell at Andy Rubin’s home taken from <a href="http://www.nytimes.com/2007/11/04/technology/04google.html?_r=4&amp;pagewanted=1&amp;hp&amp;">a
2007 profile of the Android founder</a> is consistent with that vision
</p>
<blockquote>
<p>
<em>If the scanner recognizes you, the door unlocks automatically. (The system makes
it easier to deal with former girlfriends, Mr. Rubin likes to joke. No messy scenes
retrieving keys — it’s just a simple database update.)</em>
</p>
<p>
<em>Those forced to use the doorbell are greeted with another technological marvel:
a robotic arm inside the glass foyer grips a mallet and then strikes a large gong.
Although Mr. Rubin won’t reveal its cost, it may be one of the world’s most expensive
doorbells.</em>
</p>
</blockquote>
<p>
At the end of the day, I’m more inspired by a company looking at automating away all
of the tediousness of every day life with Star Trek style technology from automated
doorways and self-driving cars to fully autonomous robots than a vision of making
impulse buying at <strike>Walmart 2.0</strike> Amazon more convenient. I for one welcome
our new robotic overlords.
</p>
<p>
<img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" /> Now
Playing: <a href="http://www.amazon.com/Adele/e/B00197GQ5Q">Adele</a> – <a href="http://www.amazon.com/Rumour-Has-It/dp/B004NYNGW8/ref=sr_1_cc_1?s=aps&amp;ie=UTF8&amp;qid=1386175638&amp;sr=1-1-catcorr&amp;keywords=rumor+has+it+adele">Rumor
Has It</a> <img title="Note" alt="Note" src="http://www.25hoursaday.com/weblog/images/music_note.gif" />
</p>
<img width="0" height="0" src="http://www.25hoursaday.com/weblog/aggbug.ashx?id=4444f413-4be4-4251-870d-18702a7f25de" />http://www.25hoursaday.com/weblog/CommentView,guid,4444f413-4be4-4251-870d-18702a7f25de.aspxTechnology